Check for invalid short Alert messages
(Short Change Cipher Spec & Handshake messages are already checked for.)
diff --git a/ChangeLog b/ChangeLog
index 3b45660..98ebd2d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -39,6 +39,8 @@
seen when communicating with OpenSSL using TLS 1.0. Reported by @kFYatek
(#1632) and by Conor Murphy on the forum. Fix contributed by Espressif
Systems.
+ * Fail when receiving a TLS alert message with an invalid length, or invalid
+ zero-length messages when using TLS 1.2. Contributed by Espressif Systems.
Changes
* Change the shebang line in Perl scripts to look up perl in the PATH.
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index b7c8881..f1856e2 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -4187,6 +4187,16 @@
if( ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT )
{
+ if( ssl->in_msglen != 2 )
+ {
+ /* Note: Standard allows for more than one 2 byte alert
+ to be packed in a single message, but Mbed TLS doesn't
+ currently support this. */
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid alert message, len: %d",
+ ssl->in_msglen ) );
+ return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+ }
+
MBEDTLS_SSL_DEBUG_MSG( 2, ( "got an alert message, type: [%d:%d]",
ssl->in_msg[0], ssl->in_msg[1] ) );