diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2017-09-16 14:03:54 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-09-18 15:47:57 +0200 |
commit | 84bf1fe4f579b8f1ef0096f54ebe746ef374268b (patch) | |
tree | d8bd9bafaf73039c5835d22d9c5e0fcdafae35dd | |
parent | 34c560c3d62cdeb6cbd8e71c5dd621a8491fb9d2 (diff) | |
download | gnutls-84bf1fe4f579b8f1ef0096f54ebe746ef374268b.tar.gz |
ecdh: return more appropriate error code on empty packet
This makes tlsfuzzer's test-x25519 detect the right error
code on empty message. Previously this issue was masked by our
refusal to accept 1-byte sized fragments.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-rw-r--r-- | lib/auth/ecdhe.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/lib/auth/ecdhe.c b/lib/auth/ecdhe.c index 7baee665cf..8f3ee8cfbf 100644 --- a/lib/auth/ecdhe.c +++ b/lib/auth/ecdhe.c @@ -156,6 +156,11 @@ int _gnutls_proc_ecdh_common_client_kx(gnutls_session_t session, point_size = data[i]; i += 1; + if (point_size == 0) { + ret = gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH); + goto cleanup; + } + DECR_LEN(data_size, point_size); if (ecurve->pk == GNUTLS_PK_EC) { |