1
Description: fix memory disclosure in TLS heartbeat extension
2
Origin: upstream, http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=96db9023b881d7cd9f379b0c154650d6c108e9a3
4
Index: openssl-1.0.1f/ssl/d1_both.c
5
===================================================================
6
--- openssl-1.0.1f.orig/ssl/d1_both.c 2014-01-06 08:47:42.000000000 -0500
7
+++ openssl-1.0.1f/ssl/d1_both.c 2014-04-07 15:37:38.548342862 -0400
8
@@ -1459,26 +1459,36 @@
10
unsigned int padding = 16; /* Use minimum padding */
12
- /* Read type and payload length first */
18
s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
19
&s->s3->rrec.data[0], s->s3->rrec.length,
20
s, s->msg_callback_arg);
22
+ /* Read type and payload length first */
23
+ if (1 + 2 + 16 > s->s3->rrec.length)
24
+ return 0; /* silently discard */
27
+ if (1 + 2 + payload + 16 > s->s3->rrec.length)
28
+ return 0; /* silently discard per RFC 6520 sec. 4 */
31
if (hbtype == TLS1_HB_REQUEST)
33
unsigned char *buffer, *bp;
34
+ unsigned int write_length = 1 /* heartbeat type */ +
35
+ 2 /* heartbeat length */ +
39
+ if (write_length > SSL3_RT_MAX_PLAIN_LENGTH)
42
/* Allocate memory for the response, size is 1 byte
43
* message type, plus 2 bytes payload length, plus
44
* payload, plus padding
46
- buffer = OPENSSL_malloc(1 + 2 + payload + padding);
47
+ buffer = OPENSSL_malloc(write_length);
50
/* Enter response type, length and copy payload */
51
@@ -1489,11 +1499,11 @@
53
RAND_pseudo_bytes(bp, padding);
55
- r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, 3 + payload + padding);
56
+ r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, write_length);
58
if (r >= 0 && s->msg_callback)
59
s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
60
- buffer, 3 + payload + padding,
61
+ buffer, write_length,
62
s, s->msg_callback_arg);
65
Index: openssl-1.0.1f/ssl/t1_lib.c
66
===================================================================
67
--- openssl-1.0.1f.orig/ssl/t1_lib.c 2014-01-06 08:47:42.000000000 -0500
68
+++ openssl-1.0.1f/ssl/t1_lib.c 2014-04-07 15:37:38.548342862 -0400
69
@@ -2558,16 +2558,20 @@
71
unsigned int padding = 16; /* Use minimum padding */
73
- /* Read type and payload length first */
79
s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
80
&s->s3->rrec.data[0], s->s3->rrec.length,
81
s, s->msg_callback_arg);
83
+ /* Read type and payload length first */
84
+ if (1 + 2 + 16 > s->s3->rrec.length)
85
+ return 0; /* silently discard */
88
+ if (1 + 2 + payload + 16 > s->s3->rrec.length)
89
+ return 0; /* silently discard per RFC 6520 sec. 4 */
92
if (hbtype == TLS1_HB_REQUEST)
94
unsigned char *buffer, *bp;