From: jsing Date: Fri, 3 Sep 2021 13:18:17 +0000 (+0000) Subject: Ensure that a server hello does not have trailing data. X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=4d783bdb519709114ba8ae52a1552658c372a9d6;p=openbsd Ensure that a server hello does not have trailing data. Found by tlsfuzzer. ok beck@ --- diff --git a/lib/libssl/ssl_clnt.c b/lib/libssl/ssl_clnt.c index e27a0735b6e..ddab394db94 100644 --- a/lib/libssl/ssl_clnt.c +++ b/lib/libssl/ssl_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_clnt.c,v 1.110 2021/09/02 14:41:03 beck Exp $ */ +/* $OpenBSD: ssl_clnt.c,v 1.111 2021/09/03 13:18:17 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1065,6 +1065,9 @@ ssl3_get_server_hello(SSL *s) goto fatal_err; } + if (CBS_len(&cbs) != 0) + goto decode_err; + /* * Determine if we need to see RI. Strictly speaking if we want to * avoid an attack we should *always* see RI even on initial server
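Review bot: The added `if (CBS_len(&cbs) != 0)` / `goto decode_err;` check in the second hunk (in ssl3_get_server_hello(), at line 1065) has no comment and the diff adds no regression test. The commit message says the problem was found by tlsfuzzer, so a one-line comment above the check stating that the server hello must be fully consumed at this point would tell a later reader why it sits here, before the RI handling. A regress case that appends bytes to an otherwise valid server hello would keep the check from being lost in a refactor. Also worth confirming in review: the check is only correct if nothing after it in the function still reads from `cbs`. The visible context shows only the end of the preceding block (`goto fatal_err;`) and the start of the RI comment, so this cannot be verified from the hunk alone.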