BUG/MEDIUM: quic: Possible buffer overflow when building TLS records
This bug impacts only the OpenSSL QUIC compatibility module (USE_QUIC_OPENSSL_COMPAT).
This may happen only when the TLS stack has to be provided with more than 1024+1+5+16
bytes of CRYPTO data. In this case several TLS records have to be built in one
call to SSL_provide_quic_data(). A 5-bytes header is created at the head
of these records. This header is used as AAD to cipher the record. But
the length of this AAD was counted two times. One time here in
quic_tls_compat_create_record() (initialization):
adlen = quic_tls_compat_create_header(qc, rec, ad, 0);
and a second time here in the same function after quic_tls_tls_seal() return:
ret = aad_len + outlen;
This addition is useless. Note that this bug could be reproduced when haproxy has
to authenticate the client.
Thank you to @vifino for having reported this issue in GH #2381.
Must be backported to 2.8.
This commit is contained in:
Frédéric Lécaille
William Lallemand
parent
75a51dfc3f
commit
c075e4f2fc
|
|
@ -347,7 +347,7 @@ static int quic_tls_compat_create_record(struct quic_conn *qc,
|
|||
nonce, rec->payload, rec->payload_len, ad, adlen))
|
||||
goto leave;
|
||||
|
||||
ret = adlen + outlen;
|
||||
ret = outlen;
|
||||
leave:
|
||||
TRACE_LEAVE(QUIC_EV_CONN_SSL_COMPAT, qc);
|
||||
return ret;
|
||||
|
|
|
|||
Loading…
Reference in New Issue