projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: dafa953) | patch
Check for ClientHello message overruns
authorMatt Caswell <matt@openssl.org>
Fri, 10 Apr 2015 16:25:27 +0000 (17:25 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 14 Apr 2015 13:51:57 +0000 (14:51 +0100)
commit923552bd5de08997523bd6d25323217fab5e83be
tree2db8375370059f5382c7c37800c75b07987dd4a6tree | snapshot
parentdafa9534de489bbb0c496eae628cacadcdd01821commit | diff
Check for ClientHello message overruns

The ClientHello processing is insufficiently rigorous in its checks to make
sure that we don't read past the end of the message. This does not have
security implications due to the size of the underlying buffer - but still
needs to be fixed.

With thanks to Qinghao Tang for reporting this issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit c9642eb1ff79a30e2c7632ef8267cc34cc2b0d79)
ssl/s3_srvr.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.