projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Don't crash when processing a zero-length, TLS >= 1.1 record.
[openssl.git] / ssl / d1_pkt.c
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index 987af608358d914a72fa8a4620d7faf8188d22f0..4763d5cd1f9398f42646f16a89c061095c0c9187 100644 (file)
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -414,6 +414,7 @@ dtls1_process_record(SSL *s)
 
        /* decrypt in place in 'rr->input' */
        rr->data=rr->input;
+       rr->orig_len=rr->length;
 
        enc_err = s->method->ssl3_enc->enc(s,0);
        if (enc_err <= 0)
@@ -463,7 +464,7 @@ printf("\n");
                else
                        rr->length = 0;
                i=s->method->ssl3_enc->mac(s,md,0);
-               if (i < 0 || mac == NULL || memcmp(md, mac, mac_size) != 0)
+               if (i < 0 || mac == NULL || CRYPTO_memcmp(md,mac,mac_size) != 0)
                        {
                        decryption_failed_or_bad_record_mac = 1;
                        }
Unnamed repository; edit this file 'description' to name the repository.