PR: 2739
authorDr. Stephen Henson <steve@openssl.org>
Mon, 27 Feb 2012 16:38:24 +0000 (16:38 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Mon, 27 Feb 2012 16:38:24 +0000 (16:38 +0000)
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Fix padding bugs in Heartbeat support.

ssl/d1_both.c
ssl/t1_lib.c

index b96e34f..5c47c7c 100644 (file)
@@ -1422,8 +1422,9 @@ dtls1_process_heartbeat(SSL *s)
                *bp++ = TLS1_HB_RESPONSE;
                s2n(payload, bp);
                memcpy(bp, pl, payload);
+               bp += payload;
                /* Random padding */
-               RAND_pseudo_bytes(p, padding);
+               RAND_pseudo_bytes(bp, padding);
 
                r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, 3 + payload + padding);
 
index f2e6b7c..9c76da1 100644 (file)
@@ -2467,7 +2467,10 @@ tls1_process_heartbeat(SSL *s)
                *bp++ = TLS1_HB_RESPONSE;
                s2n(payload, bp);
                memcpy(bp, pl, payload);
-               
+               bp += payload;
+               /* Random padding */
+               RAND_pseudo_bytes(bp, padding);
+
                r = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, 3 + payload + padding);
 
                if (r >= 0 && s->msg_callback)