diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2017-09-16 14:03:54 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2017-09-19 08:12:48 +0000 |
| commit | 3a9e47de5935dc448d90b0a4634007463146c934 (patch) | |
| tree | b4181e144737f593e69ca1d1effe8f1a77278f4f | |
| parent | b072aff8565d64c9b9c6970996cc6ddd5f844bb4 (diff) | |
| download | gnutls-3a9e47de5935dc448d90b0a4634007463146c934.tar.gz | |
ecdh: return more appropriate error code on empty packet
This makes tlsfuzzer's test-x25519 detect the right error
code on empty message. Previously this issue was masked by our
refusal to accept 1-byte sized fragments.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
| -rw-r--r-- | lib/auth/ecdhe.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/lib/auth/ecdhe.c b/lib/auth/ecdhe.c index 7baee665cf..8f3ee8cfbf 100644 --- a/lib/auth/ecdhe.c +++ b/lib/auth/ecdhe.c @@ -156,6 +156,11 @@ int _gnutls_proc_ecdh_common_client_kx(gnutls_session_t session, point_size = data[i]; i += 1; + if (point_size == 0) { + ret = gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH); + goto cleanup; + } + DECR_LEN(data_size, point_size); if (ecurve->pk == GNUTLS_PK_EC) { |