diff options
author | Dennis Jackson <djackson@mozilla.com> | 2023-05-05 09:16:15 +0000 |
---|---|---|
committer | Dennis Jackson <djackson@mozilla.com> | 2023-05-05 09:16:15 +0000 |
commit | caf041181aa300631acfe897a3e3e222c9632e53 (patch) | |
tree | ca1e12710d4c32aa625ce0f96b094678f08331da /lib | |
parent | 4a4054b5586eb7f1f3bc01afe9aa93a69a582dbe (diff) | |
download | nss-hg-caf041181aa300631acfe897a3e3e222c9632e53.tar.gz |
Bug 1786018 - Add explicit handling of zero length records. r=mt
This is based on the patch developed by Leander in D157183, but is a
little more explicit.
Co-Authored-By: Leander Schwarz
Differential Revision: https://phabricator.services.mozilla.com/D176157
Diffstat (limited to 'lib')
-rw-r--r-- | lib/ssl/ssl3con.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c index ef883b725..84246954a 100644 --- a/lib/ssl/ssl3con.c +++ b/lib/ssl/ssl3con.c @@ -13429,7 +13429,7 @@ ssl3_GetCipherSpec(sslSocket *ss, SSL3Ciphertext *cText) SECStatus ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText) { - SECStatus rv; + SECStatus rv = SECFailure; PRBool isTLS, isTLS13; DTLSEpoch epoch; ssl3CipherSpec *spec = NULL; @@ -13555,8 +13555,13 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText) * Additionaly, this is used to silently drop DTLS encryption/record * errors/alerts using the error handling below as suggested in the * DTLS specification [RFC6347, Section 4.1.2.7]. */ - if (spec->version < SSL_LIBRARY_VERSION_TLS_1_3 || - spec->epoch == 0) { + if (spec->cipherDef->cipher == cipher_null && cText->buf->len == 0) { + /* Handle a zero-length unprotected record + * In this case, we treat it as a no-op and let later functions decide + * whether to ignore or alert accordingly. */ + PR_ASSERT(plaintext->len == 0); + rv = SECSuccess; + } else if (spec->version < SSL_LIBRARY_VERSION_TLS_1_3 || spec->epoch == 0) { rv = ssl3_UnprotectRecord(ss, spec, cText, plaintext, &alert); } else { rv = tls13_UnprotectRecord(ss, spec, cText, plaintext, &rType, |