From: Dr. Stephen Henson <steve@openssl.org>
Date: Wed, 24 Mar 2010 13:16:42 +0000 (+0000)
Subject: Submitted by: Bodo Moeller and Adam Langley (Google).
X-Git-Tag: OpenSSL_0_9_8n~1
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=354f92d66ad9b0aa83bb0eb6e6faf6c9bbab13d0;p=oweals%2Fopenssl.git

Submitted by: Bodo Moeller and Adam Langley (Google).

Fix for "Record of death" vulnerability CVE-2010-0740.
---

diff --git a/CHANGES b/CHANGES
index ce053771e3..b350da79f6 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,7 +2,16 @@
  OpenSSL CHANGES
  _______________
 
- Changes between 0.9.8m and 0.9.8n [xx XXX xxxx]
+ Changes between 0.9.8m and 0.9.8n [24 Mar 2010]
+
+  *) When rejecting SSL/TLS records due to an incorrect version number, never
+     update s->server with a new major version number.  As of
+     - OpenSSL 0.9.8m if 'short' is a 16-bit type,
+     - OpenSSL 0.9.8f if 'short' is longer than 16 bits,
+     the previous behavior could result in a read attempt at NULL when
+     receiving specific incorrect SSL/TLS records once record payload
+     protection is active.  (CVE-2010-0740)
+     [Bodo Moeller, Adam Langley <agl@chromium.org>]
 
   *) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL 
      could be crashed if the relevant tables were not present (e.g. chrooted).
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index a2ba5748d5..5e3583c04d 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -291,9 +291,9 @@ again:
 			if (version != s->version)
 				{
 				SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
-				/* Send back error using their
-				 * version number :-) */
-				s->version=version;
+                                if ((s->version & 0xFF00) == (version & 0xFF00))
+                                	/* Send back error using their minor version number :-) */
+					s->version = (unsigned short)version;
 				al=SSL_AD_PROTOCOL_VERSION;
 				goto f_err;
 				}