On Thu Jul 10 11:26:46 2014, [email protected] wrote: > Hello, > I have been looking at the OpenSSL source code, and this jumped out as a > possible error. 'n¹ is an unsigned before it is passed into ssl3_read_n, > which causes the worry of an overflow. To prevent this, I added check that > just makes sure that n is not less than zero, which wouldn't make sense > anyway. This is my first time posting a change for OpenSSL, so please > forgive any formatting errors. > Thanks, > Ben Chaney
Hello Ben Please see Otto's analysis of this here (thanks Otto): http://marc.info/?l=openssl-dev&m=140500412332158&w=2 Closing this ticket. Matt ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
