openssl/0130-More-correctly-handle-a-selected_len-of-0-when-proce.patch
Clemens Lang f3cb03b52a Fix CVE-2024-5535
The first patch caused a QUIC test to fail, so backport the entire
series, which looks reasonable and adds good additional safeguards and
checks.

Resolves: RHEL-45692
Signed-off-by: Clemens Lang <cllang@redhat.com>
2024-08-21 17:09:28 +02:00

40 lines
1.6 KiB
Diff

From 015255851371757d54c2560643eb3b3a88123cf1 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Fri, 31 May 2024 11:18:27 +0100
Subject: [PATCH 02/10] More correctly handle a selected_len of 0 when
processing NPN
In the case where the NPN callback returns with SSL_TLEXT_ERR_OK, but
the selected_len is 0 we should fail. Previously this would fail with an
internal_error alert because calling OPENSSL_malloc(selected_len) will
return NULL when selected_len is 0. We make this error detection more
explicit and return a handshake failure alert.
Follow on from CVE-2024-5535
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24717)
---
ssl/statem/extensions_clnt.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
index 381a6c9d7b..1ab3c13d57 100644
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -1560,8 +1560,8 @@ int tls_parse_stoc_npn(SSL_CONNECTION *s, PACKET *pkt, unsigned int context,
if (sctx->ext.npn_select_cb(SSL_CONNECTION_GET_SSL(s),
&selected, &selected_len,
PACKET_data(pkt), PACKET_remaining(pkt),
- sctx->ext.npn_select_cb_arg) !=
- SSL_TLSEXT_ERR_OK) {
+ sctx->ext.npn_select_cb_arg) != SSL_TLSEXT_ERR_OK
+ || selected_len == 0) {
SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_BAD_EXTENSION);
return 0;
}
--
2.46.0