The branch master has been updated via 52a48f9eed73503c691056b5832b3eb04b95ea00 (commit) from 67202973cf55eaac021706c183377b8040cf0c20 (commit)
- Log ----------------------------------------------------------------- commit 52a48f9eed73503c691056b5832b3eb04b95ea00 Author: Alessandro Ghedini <alessan...@ghedini.me> Date: Fri Oct 2 13:43:29 2015 +0200 Validate ClientHello extension field length RT#4069 Reviewed-by: Emilia Käsper <emi...@openssl.org> Reviewed-by: Matt Caswell <m...@openssl.org> ----------------------------------------------------------------------- Summary of changes: ssl/t1_lib.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index aeae5b0..4975c10 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -1927,6 +1927,9 @@ static int ssl_scan_clienthello_tlsext(SSL *s, PACKET *pkt, int *al) if (!PACKET_get_net_2(pkt, &len)) goto err; + if (PACKET_remaining(pkt) != len) + goto err; + while (PACKET_get_net_2(pkt, &type) && PACKET_get_net_2(pkt, &size)) { PACKET subpkt; _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits