projects
/
oweals
/
openssl.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
cb972a4
)
Fix Kerberos issue in ssl_session_dup
author
Matt Caswell
<matt@openssl.org>
Wed, 10 Jun 2015 08:32:34 +0000
(09:32 +0100)
committer
Matt Caswell
<matt@openssl.org>
Wed, 10 Jun 2015 09:02:16 +0000
(10:02 +0100)
The fix for CVE-2015-1791 introduced an error in ssl_session_dup for
Kerberos.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit
dcad51bc13c9b716d9a66248bcc4038c071ff158
)
ssl/ssl_sess.c
patch
|
blob
|
history
diff --git
a/ssl/ssl_sess.c
b/ssl/ssl_sess.c
index e673f9c62137dde84e44c4cafa345414b6772e38..8325cb316bd93271a5cfa3a142380307ade10258 100644
(file)
--- a/
ssl/ssl_sess.c
+++ b/
ssl/ssl_sess.c
@@
-242,7
+242,7
@@
SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
memcpy(dest, src, sizeof(*dest));
#ifndef OPENSSL_NO_KRB5
- dest->krb5_client_princ_len =
dest
->krb5_client_princ_len;
+ dest->krb5_client_princ_len =
src
->krb5_client_princ_len;
if (src->krb5_client_princ_len > 0)
memcpy(dest->krb5_client_princ, src->krb5_client_princ,
src->krb5_client_princ_len);