dtls.c: Fix handling ClientHello if no peer and fragment

If a fragmented ClientHello is received with no peer, do not handle it. Signed-off-by: Jon Shallow <[email protected]>
eclipse · Mar 24, 2021 · ddcc45b · ddcc45b
1 parent 94205ff
commit ddcc45b
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/dtls.c b/dtls.c
@@ -3676,6 +3676,11 @@ handle_handshake(dtls_context_t *ctx, dtls_peer_t *peer, session_t *session,
   size_t fragment_offset = dtls_uint24_to_int(hs_header->fragment_offset);
 
   if (packet_length > fragment_length){
+    if (!peer || !peer->handshake_params) {
+      /* This is the initial ClientHello */
+      dtls_alert("Cannot handle fragmented ClientHello\n");
+      return dtls_alert_fatal_create(DTLS_ALERT_HANDSHAKE_FAILURE);
+    }
     dtls_debug("received fragmented handshake packet: length %zu, fragment length %zu.\n",
                packet_length, fragment_length);
     /* If (reassembled) packet is larger than our buffer, drop with error */