Merge remote-tracking branch 'upstream-public/pr/2133' into mbedtls-2.1

commit: 1d990feb9642a0e509180d949aac6da1dea8ba2c [log] [tgz]
author: Jaeden Amero <jaeden.amero@arm.com> Thu Dec 06 16:05:49 2018 +0000
committer: Jaeden Amero <jaeden.amero@arm.com> Fri Dec 07 10:39:07 2018 +0000
tree: a4e3b9390920077e895ee5fe1ad896dcb4604e62
parent: 51762e87c810a569ed19a1b962d4f825547e8dc9 [diff]
parent: b7b0699156e2d9d123e037be67ebe1dbf256e23a [diff]
diff --git a/ChangeLog b/ChangeLog
index 505aa63..72b01f3 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -9,6 +9,9 @@
    * Fix runtime error in `mbedtls_platform_entropy_poll()` when run
      through qemu user emulation. Reported and fix suggested by randombit
      in #1212. Fixes #1212.
+   * Fix an unsafe bounds check when restoring an SSL session from a ticket.
+     This could lead to a buffer overflow, but only in case ticket authentication
+     was broken. Reported and fix suggested by Guido Vranken in #659.
 
 = mbed TLS 2.1.17 branch released 2018-11-30
 

diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c
index a27d2ec..a500718 100644
--- a/library/ssl_ticket.c
+++ b/library/ssl_ticket.c

@@ -192,9 +192,9 @@
     if( left < 3 + cert_len )
         return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
 
-    *p++ = (unsigned char)( cert_len >> 16 & 0xFF );
-    *p++ = (unsigned char)( cert_len >>  8 & 0xFF );
-    *p++ = (unsigned char)( cert_len       & 0xFF );
+    *p++ = (unsigned char)( ( cert_len >> 16 ) & 0xFF );
+    *p++ = (unsigned char)( ( cert_len >>  8 ) & 0xFF );
+    *p++ = (unsigned char)( ( cert_len       ) & 0xFF );
 
     if( session->peer_cert != NULL )
         memcpy( p, session->peer_cert->raw.p, cert_len );
@@ -219,14 +219,14 @@
     size_t cert_len;
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
 
-    if( p + sizeof( mbedtls_ssl_session ) > end )
+    if( sizeof( mbedtls_ssl_session ) > (size_t)( end - p ) )
         return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
 
     memcpy( session, p, sizeof( mbedtls_ssl_session ) );
     p += sizeof( mbedtls_ssl_session );
 
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
-    if( p + 3 > end )
+    if( 3 > (size_t)( end - p ) )
         return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
 
     cert_len = ( p[0] << 16 ) | ( p[1] << 8 ) | p[2];
@@ -240,7 +240,7 @@
     {
         int ret;
 
-        if( p + cert_len > end )
+        if( cert_len > (size_t)( end - p ) )
             return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
 
         session->peer_cert = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
@@ -251,7 +251,7 @@
         mbedtls_x509_crt_init( session->peer_cert );
 
         if( ( ret = mbedtls_x509_crt_parse_der( session->peer_cert,
-                                        p, cert_len ) ) != 0 )
+                                                p, cert_len ) ) != 0 )
         {
             mbedtls_x509_crt_free( session->peer_cert );
             mbedtls_free( session->peer_cert );
commit	1d990feb9642a0e509180d949aac6da1dea8ba2c	[log] [tgz]
author	Jaeden Amero <jaeden.amero@arm.com>	Thu Dec 06 16:05:49 2018 +0000
committer	Jaeden Amero <jaeden.amero@arm.com>	Fri Dec 07 10:39:07 2018 +0000
tree	a4e3b9390920077e895ee5fe1ad896dcb4604e62
parent	51762e87c810a569ed19a1b962d4f825547e8dc9 [diff]
parent	b7b0699156e2d9d123e037be67ebe1dbf256e23a [diff]