Added max length checking of hostname

commit: 13ca8951f96f00750c9fda9928a9affcddcd342c [log] [tgz]
author: Simon Butcher <simon.butcher@arm.com> Wed Sep 30 00:45:21 2015 +0100
committer: Simon Butcher <simon.butcher@arm.com> Wed Sep 30 00:45:21 2015 +0100
tree: cbd040ba4c5ac44cd4aad44879d587d62bfc5948
parent: 2cf969678555c21cc16c0601dce8de8f902eb55f [diff]
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index e31b776..7aad9f9 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h

@@ -121,6 +121,8 @@
 #define SSL_LEGACY_ALLOW_RENEGOTIATION  1
 #define SSL_LEGACY_BREAK_HANDSHAKE      2
 
+#define SSL_MAX_HOST_NAME_LEN           255 /*!< Maximum host name defined in RFC 1035 */
+
 /*
  * Size of the input / output buffer.
  * Note: the RFC defines the default size of SSL / TLS messages. If you

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 734bc8f..bed4286 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -3350,6 +3350,9 @@
     if( ssl->hostname_len + 1 == 0 )
         return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
 
+    if( ssl->hostname_len > SSL_MAX_HOST_NAME_LEN )
+        return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
+
     ssl->hostname = (unsigned char *) malloc( ssl->hostname_len + 1 );
 
     if( ssl->hostname == NULL )
commit	13ca8951f96f00750c9fda9928a9affcddcd342c	[log] [tgz]
author	Simon Butcher <simon.butcher@arm.com>	Wed Sep 30 00:45:21 2015 +0100
committer	Simon Butcher <simon.butcher@arm.com>	Wed Sep 30 00:45:21 2015 +0100
tree	cbd040ba4c5ac44cd4aad44879d587d62bfc5948
parent	2cf969678555c21cc16c0601dce8de8f902eb55f [diff]