From 6b289a8b76e7a6fec1d5f2d856995bb549907c4f Mon Sep 17 00:00:00 2001
From: Peter Wu <peter@lekensteyn.nl>
Date: Sat, 13 May 2017 19:21:45 +0200
Subject: ssl,dtls: fix message hash for extended_master_secret

The handshake_messages for extended master secret start at Client Hello
and end at ClientKeyExchange. Previously all handshake messages in a
record would be hashed, possibly covering those after CKE. Now it will
hash each handshake message separately.

For DTLS, the CH and HVR messages must also be ignored. Additionally,
DTLS needs special treatment to merge multiple fragments.

Bug: 13704
Change-Id: I0c8f19b4c352c0195848ded319b6991d76542720
Reviewed-on: https://code.wireshark.org/review/21625
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
---
 epan/dissectors/packet-ssl-utils.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'epan/dissectors/packet-ssl-utils.c')

diff --git a/epan/dissectors/packet-ssl-utils.c b/epan/dissectors/packet-ssl-utils.c
index f3edf9a683..e26926d12e 100644
--- a/epan/dissectors/packet-ssl-utils.c
+++ b/epan/dissectors/packet-ssl-utils.c
@@ -8496,7 +8496,11 @@ ssl_calculate_handshake_hash(SslDecryptSession *ssl_session, tvbuff_t *tvb, guin
         guint32 old_length = ssl_session->handshake_data.data_len;
         ssl_debug_printf("Calculating hash with offset %d %d\n", offset, length);
         ssl_session->handshake_data.data = (guchar *)wmem_realloc(wmem_file_scope(), ssl_session->handshake_data.data, old_length + length);
-        tvb_memcpy(tvb, ssl_session->handshake_data.data + old_length, offset, length);
+        if (tvb) {
+            tvb_memcpy(tvb, ssl_session->handshake_data.data + old_length, offset, length);
+        } else {
+            memset(ssl_session->handshake_data.data + old_length, 0, length);
+        }
         ssl_session->handshake_data.data_len += length;
     }
 }
-- 
cgit v1.2.1