projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2e3e3d2) | patch
Premaster secret handling fixes
authorAdam Langley <agl@chromium.org>
Tue, 16 Dec 2014 13:03:47 +0000 (14:03 +0100)
committerEmilia Kasper <emilia@openssl.org>
Wed, 17 Dec 2014 13:04:14 +0000 (14:04 +0100)
commit40c2812f5656b1c78fa18b14c264fd48421c2d24
treef41436ad3afd7698152e25fe6e04b54606de1e9dtree | snapshot
parent2e3e3d278ec4984d352c65e2df8270ecf658d5b4commit | diff
Premaster secret handling fixes

From BoringSSL
- Send an alert when the client key exchange isn't correctly formatted.
- Reject overly short RSA ciphertexts to avoid a (benign) out-of-bounds memory access.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 4aecfd4d9f366c849c9627ab666d1b1addc024e6)
ssl/s3_srvr.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.