]> granicus.if.org Git - openssl/commit
projects / openssl / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e0e920b) | patch
Check for ClientHello message overruns
authorMatt Caswell <matt@openssl.org>
Fri, 10 Apr 2015 16:25:27 +0000 (17:25 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 14 Apr 2015 13:58:25 +0000 (14:58 +0100)
commit5e9f0eebcfa25a55177d9a7025713262367bec14
tree219ab4ba523c8247cd1a44c2b7e34bce66fcb9a6tree | snapshot
parente0e920b1a063f14f36418f8795c96f2c649400e1commit | diff
Check for ClientHello message overruns

The ClientHello processing is insufficiently rigorous in its checks to make
sure that we don't read past the end of the message. This does not have
security implications due to the size of the underlying buffer - but still
needs to be fixed.

With thanks to Qinghao Tang for reporting this issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>
ssl/s3_srvr.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.