diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-10-17 09:27:36 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-01-27 16:09:53 +0100 |
commit | 86e9eea40785c5ade52bf4919ed0e13704bde6f1 (patch) | |
tree | 78c0220761a3e440c049d5ef889feab6cba1bbea | |
parent | 98fb668933b2053c533b6544257e644e3ac64f25 (diff) | |
download | gnutls-86e9eea40785c5ade52bf4919ed0e13704bde6f1.tar.gz |
certificate request: corrected parsing of signature algorithms
That fixes an issue in TLS 1.3 certificate request message parsing.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-rw-r--r-- | lib/tls13/certificate_request.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/lib/tls13/certificate_request.c b/lib/tls13/certificate_request.c index 252762033a..959603f477 100644 --- a/lib/tls13/certificate_request.c +++ b/lib/tls13/certificate_request.c @@ -75,6 +75,16 @@ int parse_cert_extension(void *_ctx, uint16_t tls_id, const uint8_t *data, int d session->internals.hsk_flags |= HSK_CRT_REQ_GOT_SIG_ALGO; + if (data_size < 2) + return gnutls_assert_val(GNUTLS_E_TLS_PACKET_DECODING_ERROR); + + ret = _gnutls_read_uint16(data); + if (ret != data_size-2) + return gnutls_assert_val(GNUTLS_E_TLS_PACKET_DECODING_ERROR); + + data += 2; + data_size -= 2; + ret = _gnutls_sign_algorithm_parse_data(session, data, data_size); if (ret < 0) return gnutls_assert_val(ret); |