generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Validate ClientHello extension field length

Browse Source 
RT#4069

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
This commit is contained in:
Alessandro Ghedini 2015-10-02 14:38:30 +02:00 committed by Matt Caswell
parent 67d4253174
commit e4840c88c5
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ssl/t1_lib.c
View File

@ -1024,7 +1024,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
n2s(data, len);
if (data > (d + n - len))
if (data + len != d + n)
goto err;
while (data <= (d + n - 4)) {