Skip to content

Commit 6b3dec4

Browse files
JacobBarthelmehJacobBarthelmeh
committed
additional sanity check on number of groups passed to set groups function
1 parent 350706d commit 6b3dec4

2 files changed

Lines changed: 22 additions & 0 deletions

File tree

src/ssl.c

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3041,6 +3041,10 @@ int wolfSSL_CTX_set1_groups(WOLFSSL_CTX* ctx, int* groups,
30413041
WOLFSSL_MSG("Group count is zero");
30423042
return WOLFSSL_FAILURE;
30433043
}
3044+
if (count > WOLFSSL_MAX_GROUP_COUNT) {
3045+
WOLFSSL_MSG("Group count exceeds maximum");
3046+
return WOLFSSL_FAILURE;
3047+
}
30443048
for (i = 0; i < count; i++) {
30453049
if (isValidCurveGroup((word16)groups[i])) {
30463050
_groups[i] = groups[i];
@@ -3076,6 +3080,10 @@ int wolfSSL_set1_groups(WOLFSSL* ssl, int* groups, int count)
30763080
WOLFSSL_MSG("Group count is zero");
30773081
return WOLFSSL_FAILURE;
30783082
}
3083+
if (count > WOLFSSL_MAX_GROUP_COUNT) {
3084+
WOLFSSL_MSG("Group count exceeds maximum");
3085+
return WOLFSSL_FAILURE;
3086+
}
30793087
for (i = 0; i < count; i++) {
30803088
if (isValidCurveGroup((word16)groups[i])) {
30813089
_groups[i] = groups[i];

tests/api/test_tls13.c

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -119,6 +119,9 @@ int test_tls13_apis(void)
119119
int bad_groups[2] = { 0xDEAD, 0xBEEF };
120120
#endif /* !NO_WOLFSSL_SERVER || !NO_WOLFSSL_CLIENT */
121121
int numGroups = 2;
122+
#if defined(OPENSSL_EXTRA) && !defined(NO_WOLFSSL_CLIENT)
123+
int too_many_groups[WOLFSSL_MAX_GROUP_COUNT + 1];
124+
#endif
122125
#endif
123126
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
124127
char groupList[] =
@@ -605,6 +608,17 @@ int test_tls13_apis(void)
605608
#endif
606609
ExpectIntEQ(wolfSSL_CTX_set1_groups_list(NULL, groupList),
607610
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
611+
#ifndef NO_WOLFSSL_CLIENT
612+
{
613+
int idx;
614+
for (idx = 0; idx < WOLFSSL_MAX_GROUP_COUNT + 1; idx++)
615+
too_many_groups[idx] = WOLFSSL_ECC_SECP256R1;
616+
}
617+
ExpectIntEQ(wolfSSL_CTX_set1_groups(clientCtx, too_many_groups,
618+
WOLFSSL_MAX_GROUP_COUNT + 1), WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
619+
ExpectIntEQ(wolfSSL_set1_groups(clientSsl, too_many_groups,
620+
WOLFSSL_MAX_GROUP_COUNT + 1), WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
621+
#endif
608622
#ifndef NO_WOLFSSL_CLIENT
609623
#ifndef WOLFSSL_NO_TLS12
610624
ExpectIntEQ(wolfSSL_CTX_set1_groups_list(clientTls12Ctx, groupList),

0 commit comments

Comments
 (0)