Add tests for CVE-2014-3511.
Also change MaxHandshakeRecordLength to 1 in the handshake coverage tests to
better stress the state machine.
Change-Id: I27fce2c000b3d4818fd2e9a47fb09d3f646dd1bd
Reviewed-on: https://boringssl-review.googlesource.com/1452
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/test/runner/conn.go b/ssl/test/runner/conn.go
index 52582ad..f3e2495 100644
--- a/ssl/test/runner/conn.go
+++ b/ssl/test/runner/conn.go
@@ -714,6 +714,8 @@
// c.out.Mutex <= L.
func (c *Conn) writeRecord(typ recordType, data []byte) (n int, err error) {
b := c.out.newBlock()
+ first := true
+ isClientHello := typ == recordTypeHandshake && len(data) > 0 && data[0] == typeClientHello
for len(data) > 0 {
m := len(data)
if m > maxPlaintext {
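Review bot: `isClientHello` on the added line matches only `typeClientHello`, while the comment added in the following hunk says the 6-byte floor keeps both client_version and server_version unfragmented. As written, a ServerHello sent by this runner is still cut at `MaxHandshakeRecordLength`, so with that value set to 1 the server_version bytes would be split across records. Either widen the check to cover ServerHello, or make the comment match the code, e.g. `// Only a ClientHello is exempt; the 6 bytes are the 4-byte handshake header plus the 2-byte client_version.` The body of writeRecord begins in this hunk and continues beyond it.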
@@ -721,9 +723,16 @@
}
if typ == recordTypeHandshake && c.config.Bugs.MaxHandshakeRecordLength > 0 && m > c.config.Bugs.MaxHandshakeRecordLength {
m = c.config.Bugs.MaxHandshakeRecordLength
+ // By default, do not fragment the client_version or
+ // server_version, which are located in the first 6
+ // bytes.
+ if first && isClientHello && !c.config.Bugs.FragmentClientVersion && m < 6 {
+ m = 6
+ }
}
explicitIVLen := 0
explicitIVIsSeq := false
+ first = false
var cbc cbcMode
if c.out.version >= VersionTLS11 {