From 897169fdf06bf75b4d0c503d61abb45656dd90a6 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Fri, 16 May 2014 12:55:16 +0100 Subject: [PATCH] Additional CVE-2014-0224 protection. Return a fatal error if an attempt is made to use a zero length master secret. --- ssl/s3_pkt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index 6caa3bb522..c087fee093 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -1306,7 +1306,7 @@ int ssl3_do_change_cipher_spec(SSL *s) if (s->s3->tmp.key_block == NULL) { - if (s->session == NULL) + if (s->session == NULL || s->session->master_key_length == 0) { /* might happen if dtls1_read_bytes() calls this */ SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,SSL_R_CCS_RECEIVED_EARLY); -- 2.25.1