From 3115eb49953fa7c380dc9b2d49e8049c9b0c318e Mon Sep 17 00:00:00 2001 From: Anders Kaseorg Date: Wed, 11 Jan 2012 19:07:12 -0500 Subject: [PATCH] sslSNICallback: Properly disallow invalid characters Completely discard hostnames containing invalid characters, instead of merely replacing the invalid characters with uninitialized memory. Signed-off-by: Anders Kaseorg --- libhttp/ssl.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/libhttp/ssl.c b/libhttp/ssl.c index 8e3ae02..c8de457 100755 --- a/libhttp/ssl.c +++ b/libhttp/ssl.c @@ -572,18 +572,14 @@ static int sslSNICallback(SSL *sslHndl, int *al ATTR_UNUSED, } else if (ch != '\000' && ch != '.' && ch != '-' && (ch < '0' ||(ch > '9' && ch < 'A') || (ch > 'Z' && ch < 'a')|| ch > 'z')) { - i++; - continue; + free(serverName); + return SSL_TLSEXT_ERR_OK; } serverName[++i] = ch; if (!ch) { break; } } - if (!*serverName) { - free(serverName); - return SSL_TLSEXT_ERR_OK; - } SSL_CTX *context = (SSL_CTX *)getFromTrie(&ssl->sniContexts, serverName+1, NULL);