projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ea9de25) | patch
Check for ClientHello message overruns
authorMatt Caswell <matt@openssl.org>
Fri, 10 Apr 2015 16:25:27 +0000 (17:25 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 14 Apr 2015 13:48:24 +0000 (14:48 +0100)
commit35bac9167644d167aee57c26df206ed5f2b2a877
treeba9b76246e8c8d72a90c9cca4dcb3d23ff1892f6tree | snapshot
parentea9de25f2f577db69d67c39e5cf60be7da17c931commit | diff
Check for ClientHello message overruns

The ClientHello processing is insufficiently rigorous in its checks to make
sure that we don't read past the end of the message. This does not have
security implications due to the size of the underlying buffer - but still
needs to be fixed.

With thanks to Qinghao Tang for reporting this issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit c9642eb1ff79a30e2c7632ef8267cc34cc2b0d79)
ssl/s3_srvr.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.