PR: 2739
authorDr. Stephen Henson <steve@openssl.org>
Mon, 27 Feb 2012 16:38:10 +0000 (16:38 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Mon, 27 Feb 2012 16:38:10 +0000 (16:38 +0000)
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Fix padding bugs in Heartbeat support.

ssl/d1_both.c
ssl/t1_lib.c

index 0a84f957118afa9804451add380eca4719a9765e..48db2464247c0b16d13aadb398cb6e4e864bbca3 100644 (file)
@@ -1478,8 +1478,9 @@ dtls1_process_heartbeat(SSL *s)
                *bp++ = TLS1_HB_RESPONSE;
                s2n(payload, bp);
                memcpy(bp, pl, payload);
+               bp += payload;
                /* Random padding */
-               RAND_pseudo_bytes(p, padding);
+               RAND_pseudo_bytes(bp, padding);
 
                r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, 3 + payload + padding);
 
index f28e0638ef503bb89408da698544a28223a956ea..57d1107e4034564e22d71c73cd3125d14143efc4 100644 (file)
@@ -2467,7 +2467,10 @@ tls1_process_heartbeat(SSL *s)
                *bp++ = TLS1_HB_RESPONSE;
                s2n(payload, bp);
                memcpy(bp, pl, payload);
-               
+               bp += payload;
+               /* Random padding */
+               RAND_pseudo_bytes(bp, padding);
+
                r = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, 3 + payload + padding);
 
                if (r >= 0 && s->msg_callback)