From: Alessandro Ghedini Date: Fri, 2 Oct 2015 12:38:30 +0000 (+0200) Subject: Validate ClientHello extension field length X-Git-Tag: OpenSSL_1_0_2e~65 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=184718baabed00fecbc89fdd84b44014fcd6c444;p=oweals%2Fopenssl.git Validate ClientHello extension field length RT#4069 Reviewed-by: Emilia Käsper Reviewed-by: Matt Caswell --- diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 210a5e8743..33af933ea9 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -2024,7 +2024,7 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, n2s(data, len); - if (data > (d + n - len)) + if (data + len != d + n) goto err; while (data <= (d + n - 4)) {
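Review bot: the new check `if (data + len != d + n)` in ssl_scan_clienthello_tlsext still forms the pointer `data + len` before anything has established that `len` fits in the remaining buffer. `len` comes straight from the message via `n2s(data, len)`, so the sum can point well past `d + n`, and C leaves that pointer arithmetic undefined. Comparing lengths instead keeps every intermediate value in bounds, for example `if (len != (size_t)(d + n - data)) goto err;`. The switch from `>` to `!=` also changes behaviour: a ClientHello with bytes left over after the extensions block is now rejected rather than accepted. A short comment above the check stating that the declared length must match the remaining bytes exactly, and a regression test for RT#4069 covering both a short and an overlong length field, would make that intent explicit. The loop guard `while (data <= (d + n - 4))` in the trailing context has the same pointer-subtraction pattern and is worth the same treatment.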