projects / oweals / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 17689e7)
Fix Kerberos issue in ssl_session_dup
authorMatt Caswell <matt@openssl.org>
Wed, 10 Jun 2015 08:32:34 +0000 (09:32 +0100)
committerMatt Caswell <matt@openssl.org>
Wed, 10 Jun 2015 09:05:17 +0000 (10:05 +0100)
The fix for CVE-2015-1791 introduced an error in ssl_session_dup for
Kerberos.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit dcad51bc13c9b716d9a66248bcc4038c071ff158)

ssl/ssl_sess.c patch | blob | history

diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 9baa090d824d5c80a50c6fa684a4bfb9453187c2..d3bac0bb9f4444ebf77d767fc061e84f5b11827e 100644 (file)
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -150,7 +150,7 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
     memcpy(dest, src, sizeof(*dest));
 
 #ifndef OPENSSL_NO_KRB5
-    dest->krb5_client_princ_len = dest->krb5_client_princ_len;
+    dest->krb5_client_princ_len = src->krb5_client_princ_len;
     if (src->krb5_client_princ_len > 0)
         memcpy(dest->krb5_client_princ, src->krb5_client_princ,
                src->krb5_client_princ_len);
Unnamed repository; edit this file 'description' to name the repository.