mirror of
https://github.com/adulau/ssldump.git
synced 2024-12-22 16:05:58 +00:00
Abort properly on decode error
This commit is contained in:
parent
cc1e752167
commit
2d3d5d8045
2 changed files with 12 additions and 6 deletions
|
@ -124,7 +124,7 @@ int process_v2_hello(ssl,seg)
|
|||
ABORT(SSL_BAD_CONTENT_TYPE);
|
||||
d.len--;
|
||||
|
||||
SSL_DECODE_UINT16(ssl,"Version number",P_DC,&d,&ver);
|
||||
SSL_DECODE_UINT16_ABORT(ssl,"Version number",P_DC,&d,&ver);
|
||||
/* We can't handle real v2 clients*/
|
||||
if(ver<=2){
|
||||
explain(ssl,"Version 2 Client.\n");
|
||||
|
@ -146,9 +146,9 @@ int process_v2_hello(ssl,seg)
|
|||
ver&0xff);
|
||||
LF;
|
||||
}
|
||||
SSL_DECODE_UINT16(ssl,"cipher_spec_length",P_DC,&d,&cs_len);
|
||||
SSL_DECODE_UINT16(ssl,"session_id_length",P_DC,&d,&sid_len);
|
||||
SSL_DECODE_UINT16(ssl,"challenge_length",P_DC,&d,&chall_len);
|
||||
SSL_DECODE_UINT16_ABORT(ssl,"cipher_spec_length",P_DC,&d,&cs_len);
|
||||
SSL_DECODE_UINT16_ABORT(ssl,"session_id_length",P_DC,&d,&sid_len);
|
||||
SSL_DECODE_UINT16_ABORT(ssl,"challenge_length",P_DC,&d,&chall_len);
|
||||
|
||||
if(cs_len%3){
|
||||
fprintf(stderr,"Bad cipher spec length %d\n",cs_len);
|
||||
|
@ -161,7 +161,7 @@ int process_v2_hello(ssl,seg)
|
|||
for(;cs_len;cs_len-=3){
|
||||
UINT4 val;
|
||||
|
||||
SSL_DECODE_UINT24(ssl,0,0,&d,&val);
|
||||
SSL_DECODE_UINT24_ABORT(ssl,0,0,&d,&val);
|
||||
ssl_print_cipher_suite(ssl,ver,P_HL,val);
|
||||
P_(P_HL){
|
||||
explain(ssl,"\n");
|
||||
|
@ -178,7 +178,7 @@ int process_v2_hello(ssl,seg)
|
|||
ABORT(SSL_BAD_DATA);
|
||||
}
|
||||
|
||||
SSL_DECODE_OPAQUE_ARRAY(ssl,0,chall_len,
|
||||
SSL_DECODE_OPAQUE_ARRAY_ABORT(ssl,0,chall_len,
|
||||
0,&d,&chall);
|
||||
P_(P_DC){
|
||||
exdump(ssl,"Challenge",&chall);
|
||||
|
|
|
@ -88,6 +88,12 @@ int exstr PROTO_LIST((ssl_obj *ssl,char *name,Data *data));
|
|||
#define SSL_DECODE_UINT32(a,n,b,c,d) if((r=ssl_decode_uintX(a,n,4,b,c,d))) ERETURN(r)
|
||||
#define SSL_DECODE_OPAQUE_ARRAY(a,n,b,c,d,e) if((r=ssl_decode_opaque_array(a,n,b,c,d,e))) ERETURN(r)
|
||||
#define SSL_DECODE_ENUM(a,b,c,d,e,f,g) if((r=ssl_decode_enum(a,b,c,d,e,f,g))) ERETURN(r)
|
||||
#define SSL_DECODE_UINT8_ABORT(a,n,b,c,d) if((r=ssl_decode_uintX(a,n,1,b,c,d))) ABORT(r)
|
||||
#define SSL_DECODE_UINT16_ABORT(a,n,b,c,d) if((r=ssl_decode_uintX(a,n,2,b,c,d))) ABORT(r)
|
||||
#define SSL_DECODE_UINT24_ABORT(a,n,b,c,d) if((r=ssl_decode_uintX(a,n,3,b,c,d))) ABORT(r)
|
||||
#define SSL_DECODE_UINT32_ABORT(a,n,b,c,d) if((r=ssl_decode_uintX(a,n,4,b,c,d))) ABORT(r)
|
||||
#define SSL_DECODE_OPAQUE_ARRAY_ABORT(a,n,b,c,d,e) if((r=ssl_decode_opaque_array(a,n,b,c,d,e))) ABORT(r)
|
||||
#define SSL_DECODE_ENUM_ABORT(a,b,c,d,e,f,g) if((r=ssl_decode_enum(a,b,c,d,e,f,g))) ABORT(r)
|
||||
#define P_(p) if((p==SSL_PRINT_ALL) || (p & SSL_print_flags))
|
||||
|
||||
#define INDENT if(!(NET_print_flags & NET_PRINT_JSON)) do {int i; for(i=0;i<(ssl->indent_depth + ssl->indent_name_len);i++) printf("%s",SSL_print_flags & SSL_PRINT_NROFF?" ":" ");} while(0)
|
||||
|
|
Loading…
Reference in a new issue