[openssl.org #3301] [PATCH] Silently discard too long heartbeat messages per RFC 6520


[openssl.org #3301] [PATCH] Silently discard too long heartbeat messages per RFC 6520

Rich Salz via RT
RFC 6520, section 4 states that

  "The total length of a HeartbeatMessage MUST NOT exceed 2^14 or
   max_fragment_length when negotiated as defined in [RFC6066]."

and

  "If the payload_length of a received HeartbeatMessage is too large,
   the received HeartbeatMessage MUST be discarded silently."

The attached patch against git adds a check to silently discard heartbeat
messages longer than 2^14 bytes.

The max_fragment_length negotiation is not allowed to increase
this value. RFC 6066 allows 2^9, 2^10, 2^11, or 2^12 as negotiated
max_fragment_length values.

Thanks,
Erik


diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index d8bcd58..cf74fc2 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -1338,6 +1338,8 @@ dtls1_process_heartbeat(SSL *s)
  /* Read type and payload length first */
  if (1 + 2 + 16 > s->s3->rrec.length)
  return 0; /* silently discard */
+ if (s->s3->rrec.length > SSL3_RT_MAX_PLAIN_LENGTH)
+ return 0; /* silently discard per RFC 6520 sec. 4 */
  hbtype = *p++;
  n2s(p, payload);
  if (1 + 2 + payload + 16 > s->s3->rrec.length)
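Review bot: the added comparison is against the fixed SSL3_RT_MAX_PLAIN_LENGTH, but the RFC text quoted in the message sets the limit at 2^14 *or* the negotiated max_fragment_length; when a smaller max_fragment_length (2^9 to 2^12) has been negotiated, a heartbeat between that value and 2^14 still passes this check although the RFC says it must be discarded. Suggest comparing against the effective limit (the negotiated value when one is set, otherwise SSL3_RT_MAX_PLAIN_LENGTH), or explaining in the commit message why the record layer makes that unnecessary. Also, the existing check that follows, `if (1 + 2 + payload + 16 > s->s3->rrec.length)`, already bounds the parsed payload by the record length, so the new line only matters if a record longer than SSL3_RT_MAX_PLAIN_LENGTH can reach dtls1_process_heartbeat at all; worth confirming whether the record layer already rejects such records and, if so, noting that this is defense in depth.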
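As an added illustration of the rule discussed in this post (not OpenSSL code and not part of the patch), the following validator applies both RFC 6520 length checks to a received HeartbeatMessage before any payload is used: the total length must not exceed 2^14 or a smaller negotiated max_fragment_length, and the claimed payload_length plus header and minimum padding must fit inside the record. The function names, the `hb_verdict` codes and the `max_fragment_length == 0` convention for "not negotiated" are assumptions of this example, and the sample messages are constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Wire layout of a HeartbeatMessage: type(1) | payload_length(2) | payload | padding(>=16). */
#define HB_MAX_TOTAL_LENGTH 16384u   /* 2^14, the RFC 6520 section 4 ceiling */
#define HB_MIN_PADDING 16u

/* Verdicts (example-specific): anything other than HB_OK means "discard silently". */
enum hb_verdict { HB_OK = 0, HB_TOO_SHORT, HB_RECORD_TOO_LONG, HB_PAYLOAD_TOO_LONG };

/* rec/rec_len: plaintext record content; max_fragment_length: negotiated RFC 6066
 * value, or 0 when none was negotiated (assumption of this example). */
enum hb_verdict hb_check(const uint8_t *rec, size_t rec_len,
                         size_t max_fragment_length, uint16_t *payload_out)
{
    size_t limit = HB_MAX_TOTAL_LENGTH;
    if (max_fragment_length != 0 && max_fragment_length < limit)
        limit = max_fragment_length;            /* negotiation may only lower the cap */
    if (rec_len < 1 + 2 + HB_MIN_PADDING)
        return HB_TOO_SHORT;                    /* no room for type, length and padding */
    if (rec_len > limit)
        return HB_RECORD_TOO_LONG;              /* the total-length rule of RFC 6520 sec. 4 */
    uint16_t payload = (uint16_t)((rec[1] << 8) | rec[2]);
    /* The claimed payload plus header and minimum padding must fit in the record,
     * otherwise a response would echo bytes that were never part of the message. */
    if ((size_t)1 + 2 + payload + HB_MIN_PADDING > rec_len)
        return HB_PAYLOAD_TOO_LONG;
    if (payload_out != NULL)
        *payload_out = payload;
    return HB_OK;
}

/* Constructed sample: a heartbeat_request record of rec_len bytes whose header
 * claims `claimed_payload` payload bytes; the rest of the record is zero-filled. */
enum hb_verdict hb_check_constructed(uint16_t claimed_payload, size_t rec_len,
                                     size_t max_fragment_length)
{
    static uint8_t buf[HB_MAX_TOTAL_LENGTH + 1];  /* large enough for one over-limit record */
    if (rec_len > sizeof(buf))
        rec_len = sizeof(buf);
    memset(buf, 0, sizeof(buf));
    buf[0] = 1;                                   /* heartbeat_request */
    buf[1] = (uint8_t)(claimed_payload >> 8);
    buf[2] = (uint8_t)(claimed_payload & 0xff);
    return hb_check(buf, rec_len, max_fragment_length, NULL);
}
```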

Re: [openssl.org #3301] [PATCH] Silently discard too long heartbeat messages per RFC 6520

Peter Dettman
Hi Erik,
Presumably this restriction is already enforced at the record level for
all message types?

Regards,
Pete Dettman

On 11/04/2014 9:43 PM, Erik Auerswald via RT wrote:

> RFC 6520, section 4 states that
>
>    "The total length of a HeartbeatMessage MUST NOT exceed 2^14 or
>     max_fragment_length when negotiated as defined in [RFC6066]."
>
> and
>
>    "If the payload_length of a received HeartbeatMessage is too large,
>     the received HeartbeatMessage MUST be discarded silently."
>
> The attached patch against git adds a check to silently discard heartbeat
> messages longer than 2^14 bytes.
>
> The max_fragment_length negotiation is not allowed to increase
> this value. RFC 6066 allows 2^9, 2^10, 2^11, or 2^12 as negotiated
> max_fragment_length values.
>
> Thanks,
> Erik
>

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [hidden email]
Automated List Manager                           [hidden email]