From 69c9739b6d9b8f8ec1a9afdd18fa74d386c7ef74 Mon Sep 17 00:00:00 2001 From: Andre Noll Date: Sun, 7 May 2023 16:40:26 +0200 Subject: [PATCH] client: Check buffer size returned by apc_priv_decrypt(). The decoded challenge buffer contains the challenge and the two session keys but nothing else. So we know its size up-front and should fail the handshake if the size of the rsa-decrypted buffer differs. --- client_common.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/client_common.c b/client_common.c index fe8234f9..32a94492 100644 --- a/client_common.c +++ b/client_common.c @@ -342,6 +342,10 @@ static int client_post_monitor(struct sched *s, void *context) free(sbb.iov.iov_base); if (ret < 0) goto out; + if (ret != APC_CHALLENGE_SIZE + 2 * SESSION_KEY_LEN) { + ret = -E_DECRYPT; + goto out; + } ct->challenge_hash = alloc(HASH2_SIZE); if (has_feature("sha256", ct)) { hash2_function((char *)crypt_buf, APC_CHALLENGE_SIZE, -- 2.39.5