Fix memory leak with crafted ClientHello

2014-10-17 12:42:11 +02:00 · 2014-10-17 12:42:11 +02:00 · 43c3b28ca6
commit 43c3b28ca6
parent 5d8618539f
2 changed files with 10 additions and 0 deletions
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@ -528,6 +528,13 @@ static int ssl_parse_supported_elliptic_curves( ssl_context *ssl,
        return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO );
    }

+    /* Should never happen unless client duplicates the extension */
+    if( ssl->handshake->curves != NULL )
+    {
+        SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
    /* Don't allow our peer to make us allocate too much memory,
     * and leave room for a final 0 */
    our_size = list_size / 2 + 1;