Fix possible client crash on API misuse
diff --git a/ChangeLog b/ChangeLog
index 2030ceb..8c602fa 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,11 @@
= mbed TLS 1.3.13 reladsed 2015-??-??
+Security
+ * Fix possible client-side NULL pointer dereference (read) when the client
+ tries to continue the handshake after it failed (a misuse of the API).
+ (Found by GDS Labs using afl-fuzz, patch provided by GDS Labs.)
+
Bugfix
* Setting SSL_MIN_DHM_BYTES in config.h had no effect (overriden in ssl.h)
(found by Fabio Solari) (#256)
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 7f46cbb..f603cff 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -1602,6 +1602,12 @@
ssl->handshake->pmslen = 48;
+ if( ssl->session_negotiate->peer_cert == NULL )
+ {
+ SSL_DEBUG_MSG( 2, ( "certificate required" ) );
+ return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE );
+ }
+
/*
* Now write it out, encrypted
*/
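Review bot: The new guard before the encrypted write carries no explanation of why peer_cert can be NULL at this point, so a later maintainer may read it as dead code given that a Certificate message normally precedes this step; a comment such as `/* peer_cert is NULL if the caller keeps driving the handshake after an earlier step failed (API misuse); fail cleanly instead of dereferencing it */` would record the intent the ChangeLog entry describes. The guard itself still dereferences ssl->session_negotiate; if that pointer can also be gone in the same failure mode this is worth confirming, otherwise the check as written is sufficient. The enclosing function starts before and ends after this hunk.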
@@ -1699,6 +1705,12 @@
int ret;
const ecp_keypair *peer_key;
+ if( ssl->session_negotiate->peer_cert == NULL )
+ {
+ SSL_DEBUG_MSG( 2, ( "certificate required" ) );
+ return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE );
+ }
+
if( ! pk_can_do( &ssl->session_negotiate->peer_cert->pk,
POLARSSL_PK_ECKEY ) )
{
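Review bot: The same three-line peer_cert guard with identical debug text and return code is now duplicated three times in this file, which makes it easy for one copy to drift later; a tiny `static int ssl_check_peer_cert( ssl_context *ssl )` returning the same error code, or a shared macro, would keep them consistent. At minimum the debug string could name the call site, e.g. `"certificate required for ECDH"`, since a level-2 log otherwise shows three indistinguishable "certificate required" lines. The enclosing function's declarations begin before the hunk and its body continues past it.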
@@ -2012,6 +2024,12 @@
SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen != 0 ? hashlen :
(unsigned int) ( md_info_from_type( md_alg ) )->size );
+ if( ssl->session_negotiate->peer_cert == NULL )
+ {
+ SSL_DEBUG_MSG( 2, ( "certificate required" ) );
+ return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE );
+ }
+
/*
* Verify signature
*/