]> granicus.if.org Git - openssl/commit
projects / openssl / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bb565cd) | patch
Premaster secret handling fixes
authorAdam Langley <agl@chromium.org>
Tue, 16 Dec 2014 13:03:47 +0000 (14:03 +0100)
committerEmilia Kasper <emilia@openssl.org>
Wed, 17 Dec 2014 13:03:43 +0000 (14:03 +0100)
commit1ecfb673358ccc1129899e5854e6275520b2be65
tree09a6c63637216cfbc6957dbf1daec3c4c08c650ctree | snapshot
parentbb565cd29e34caeeaf12ecfdbe6273c2c794f5a2commit | diff
Premaster secret handling fixes

From BoringSSL
- Send an alert when the client key exchange isn't correctly formatted.
- Reject overly short RSA ciphertexts to avoid a (benign) out-of-bounds memory access.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 4aecfd4d9f366c849c9627ab666d1b1addc024e6)
ssl/s3_srvr.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.