]> git.ipfire.org Git - thirdparty/openssl.git/commit
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c5b0f5c) | patch
Check for ClientHello message overruns
authorMatt Caswell <matt@openssl.org>
Fri, 10 Apr 2015 16:25:27 +0000 (17:25 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 14 Apr 2015 13:53:58 +0000 (14:53 +0100)
commiteeda966123e96e890ad56bfcaaec82d07b36e26a
tree7a8435da4c89bf29c346d4635c5c62c7829bf496tree | snapshot
parentc5b0f5c46309421da2fba3bd2363bbc80af385b1commit | diff
Check for ClientHello message overruns

The ClientHello processing is insufficiently rigorous in its checks to make
sure that we don't read past the end of the message. This does not have
security implications due to the size of the underlying buffer - but still
needs to be fixed.

With thanks to Qinghao Tang for reporting this issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit c9642eb1ff79a30e2c7632ef8267cc34cc2b0d79)
ssl/s3_srvr.c diff | blob | blame | history
A mirror of the official openssl repository