From: Pauli <ppzgs1@gmail.com>
Date: Wed, 17 Mar 2021 02:00:42 +0000 (+1000)
Subject: ssl: fix coverity 1451515: out of bounds memory access
X-Git-Tag: openssl-3.0.0-alpha14~217
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3de7f014a985637361bdee775f78209300c88aae;p=thirdparty%2Fopenssl.git

ssl: fix coverity 1451515: out of bounds memory access

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14585)
---

diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index e7917be4fbb..666ee43363c 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2767,6 +2767,7 @@ static int tls_construct_cke_psk_preamble(SSL *s, WPACKET *pkt)
 
     if (psklen > PSK_MAX_PSK_LEN) {
         SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, ERR_R_INTERNAL_ERROR);
+        psklen = PSK_MAX_PSK_LEN;   /* Avoid overrunning the array on cleanse */
         goto err;
     } else if (psklen == 0) {
         SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_PSK_IDENTITY_NOT_FOUND);