Mercurial > hg > openjdk > jdk8u > jdk

changeset 14453:79198fff6d1d

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
8228757: Fail fast if the handshake type is unknown Reviewed-by: jnimeh, sgehwolf
author xuelei
date Mon, 19 Aug 2019 12:56:48 -0700
parents 7b979289680f
children ba0e36b4275f
files src/share/classes/sun/security/ssl/SSLEngineInputRecord.java src/share/classes/sun/security/ssl/SSLHandshake.java src/share/classes/sun/security/ssl/SSLSocketInputRecord.java
diffstat 3 files changed, 26 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/sun/security/ssl/SSLEngineInputRecord.java	Mon Mar 08 16:38:21 2021 +0000
+++ b/src/share/classes/sun/security/ssl/SSLEngineInputRecord.java	Mon Aug 19 12:56:48 2019 -0700
@@ -287,8 +287,15 @@
                 }
 
                 handshakeFrag.mark();
-                // skip the first byte: handshake type
+
+                // Fail fast for unknown handshake message.
                 byte handshakeType = handshakeFrag.get();
+                if (!SSLHandshake.isKnown(handshakeType)) {
+                    throw new SSLProtocolException(
+                        "Unknown handshake type size, Handshake.msg_type = " +
+                        (handshakeType & 0xFF));
+                }
+
                 int handshakeBodyLen = Record.getInt24(handshakeFrag);
                 if (handshakeBodyLen > SSLConfiguration.maxHandshakeMessageSize) {
                     throw new SSLProtocolException(
--- a/src/share/classes/sun/security/ssl/SSLHandshake.java	Mon Mar 08 16:38:21 2021 +0000
+++ b/src/share/classes/sun/security/ssl/SSLHandshake.java	Mon Aug 19 12:56:48 2019 -0700
@@ -478,6 +478,16 @@
         return "UNKNOWN-HANDSHAKE-MESSAGE(" + id + ")";
     }
 
+    static boolean isKnown(byte id) {
+        for (SSLHandshake hs : SSLHandshake.values()) {
+            if (hs.id == id && id != NOT_APPLICABLE.id) {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
     static final void kickstart(HandshakeContext context) throws IOException {
         if (context instanceof ClientHandshakeContext) {
             // For initial handshaking, including session resumption,
--- a/src/share/classes/sun/security/ssl/SSLSocketInputRecord.java	Mon Mar 08 16:38:21 2021 +0000
+++ b/src/share/classes/sun/security/ssl/SSLSocketInputRecord.java	Mon Aug 19 12:56:48 2019 -0700
@@ -302,8 +302,15 @@
                 }
 
                 handshakeFrag.mark();
-                // skip the first byte: handshake type
+
+                // Fail fast for unknown handshake message.
                 byte handshakeType = handshakeFrag.get();
+                if (!SSLHandshake.isKnown(handshakeType)) {
+                    throw new SSLProtocolException(
+                        "Unknown handshake type size, Handshake.msg_type = " +
+                        (handshakeType & 0xFF));
+                }
+
                 int handshakeBodyLen = Record.getInt24(handshakeFrag);
                 if (handshakeBodyLen > SSLConfiguration.maxHandshakeMessageSize) {
                     throw new SSLProtocolException(