projects / archaic-openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6c713b2) | patch
Fix seg fault with 0 p val in SKE ske-0-p
authorGuy Leaver (guleaver) <guleaver@cisco.com>
Fri, 7 Aug 2015 13:52:41 +0000 (14:52 +0100)
committerMatt Caswell <matt@openssl.org>
Fri, 7 Aug 2015 13:57:56 +0000 (14:57 +0100)
commit84cd210e3eb92f8610969e7a1b23d7fa6b4c5bc1
tree8bd535dc28d985054f34738cfe10a740ecd8886ctree | snapshot
parent6c713b222a181794b0a46a7a8d9f758e5250c4b6commit | diff
Fix seg fault with 0 p val in SKE

If a client receives a ServerKeyExchange for an anon DH ciphersuite with the
value of p set to 0 then a seg fault can occur. This commits adds a test to
reject p, g and pub key parameters that have a 0 value (in accordance with
RFC 5246)

CVE-2015-1794
include/openssl/ssl.h diff | blob | history
ssl/s3_clnt.c diff | blob | history
ssl/ssl_err.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.