SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_SPECIFIED);
goto f_err;
}
- if ((i+p) > (d+n))
+ if ((p+i) >= (d+n))
{
/* not enough data */
al=SSL_AD_DECODE_ERROR;
/* compression */
i= *(p++);
+ if ((p+i) > (d+n))
+ {
+ /* not enough data */
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
+ goto f_err;
+ }
q=p;
for (j=0; j<i; j++)
{
/* TLS does not mind if there is extra stuff */
if (s->version == SSL3_VERSION)
{
- if (p > (d+n))
+ if (p < (d+n))
{
/* wrong number of bytes,
* there could be more to follow */
krb5_timestamp authtime = 0;
krb5_ticket_times ttimes;
+ EVP_CIPHER_CTX_init(&ciph_ctx);
+
if (!kssl_ctx) kssl_ctx = kssl_ctx_new();
n2s(p,i);
enc_ticket.length = i;
- enc_ticket.data = p;
+ enc_ticket.data = (char *)p;
p+=enc_ticket.length;
n2s(p,i);
authenticator.length = i;
- authenticator.data = p;
+ authenticator.data = (char *)p;
p+=authenticator.length;
n2s(p,i);
enc_pms.length = i;
- enc_pms.data = p;
+ enc_pms.data = (char *)p;
p+=enc_pms.length;
- if ((unsigned long)n != enc_ticket.length + authenticator.length +
+ if (n != enc_ticket.length + authenticator.length +
enc_pms.length + 6)
{
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
goto err;
}
if (!EVP_DecryptUpdate(&ciph_ctx, pms,&outl,
- enc_pms.data, enc_pms.length))
+ (unsigned char *)enc_pms.data, enc_pms.length))
{
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
SSL_R_DECRYPTION_FAILED);