On 28.06.22 at 11:41, Antonio Quartulli wrote:
> The tls-crypt-v2 key should be at least 2 bytes long in order to read
> the actual length.
> Bail out if the key is too short.
> Failing to do so will lead to a read out of the buffer boundary.

Actually not. We read from BEND(), so this is defined for TCP since the
minimum length there is 3 bytes (pkt len + opcode). For UDP we might
read past the beginning of the packet but since they are buffers coming
from the packet stack we have the headroom/tailroom, so might read some
random data (but not out of bounds!).

So we copy some more or less random number into net_len/wkc_len but
without actually reading from undefined memory.

The next line will then almost definitely fail

    if (!buf_advance(&wrapped_client_key, BLEN(&wrapped_client_key) - wkc_len))

Since BLEN(wrapped_client_key) is 0 or 1 or wkc_len has to be 0 or 1 to
not fail this check

and then in turn

    tls_crypt_v2_unwrap_client_key

will fail at

    if (BLEN(&wrapped_client_key) < sizeof(net_len))

> While at it improve the error message a bit.

Acked-by: Arne Schwabe <a...@rfc2549.org>
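
The check under discussion, as an added stand-alone illustration (not OpenVPN code and not part of this mail thread): a blob at the tail of a packet carries its own length in its last two bytes, and the parser rejects packets too short to hold that field before reading it. The function name, the flat byte-array interface, the big-endian encoding and the rule that the stated length includes the length field are assumptions of this example; the sample packets are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define LEN_FIELD 2u /* assumed: 16-bit length, network byte order */

/* Constructed samples, not captured traffic. */
static const uint8_t SAMPLE_OK[] = { 0xAA, 0xBB, 0xCC, 0x01, 0x02, 0x03, 0x00, 0x05 };
static const uint8_t SAMPLE_ONE_BYTE[] = { 0x05 };
static const uint8_t SAMPLE_OVERSIZED[] = { 0x01, 0x02, 0xFF, 0xFF };
static const uint8_t SAMPLE_ZERO_LEN[] = { 0x01, 0x02, 0x00, 0x00 };

/*
 * Return the offset at which the trailing key blob starts inside pkt,
 * or -1 if the packet cannot contain a valid blob.
 */
long wrapped_key_offset(const uint8_t *pkt, size_t len)
{
    /* Without this check the two reads below start before pkt[0]. */
    if (len < LEN_FIELD) {
        return -1;
    }
    size_t wkc_len = ((size_t)pkt[len - 2] << 8) | pkt[len - 1];

    /* Assumed: the stated length counts the length field itself. */
    if (wkc_len < LEN_FIELD || wkc_len > len) {
        return -1;
    }
    return (long)(len - wkc_len);
}

int main(void)
{
    printf("valid:     %ld\n", wrapped_key_offset(SAMPLE_OK, sizeof(SAMPLE_OK)));
    printf("one byte:  %ld\n", wrapped_key_offset(SAMPLE_ONE_BYTE, sizeof(SAMPLE_ONE_BYTE)));
    printf("oversized: %ld\n", wrapped_key_offset(SAMPLE_OVERSIZED, sizeof(SAMPLE_OVERSIZED)));
    printf("zero len:  %ld\n", wrapped_key_offset(SAMPLE_ZERO_LEN, sizeof(SAMPLE_ZERO_LEN)));
    return 0;
}
```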