projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Some precautions to avoid potential security-relevant problems.
[openssl.git] / ssl / ssl_asn1.c
diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index 8630d3ecee2da6b8807021961e6635cd277a0603..8c4840219b551e69ffe3bfbf04c5f0be87514d5d 100644 (file)
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -413,7 +413,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
        memcpy(ret->session_id,os.data,os.length);
 
        M_ASN1_D2I_get_x(ASN1_OCTET_STRING,osp,d2i_ASN1_OCTET_STRING);
-       if (ret->master_key_length > SSL_MAX_MASTER_KEY_LENGTH)
+       if (os.length > SSL_MAX_MASTER_KEY_LENGTH)
                ret->master_key_length=SSL_MAX_MASTER_KEY_LENGTH;
        else
                ret->master_key_length=os.length;
Unnamed repository; edit this file 'description' to name the repository.