On Thu, Aug 07, 2014, Tomas Mraz wrote:

> Hi,
> during the review of OpenSSL commits I found this one:
> https://github.com/openssl/openssl/commit/22a10c89d7c3f951339c385d57cc8fd23c0a800b
> 
> There is unfortunately not much detail in the commit message. Could this
> be a possible security issue? Can you please clear that up?
> 

The commit log message is somewhat unfortunate ;-)

The commit combines some cosmetic changes with a correction to see if there
is enough room for two extensions: renegotiation and SRTP.

In practice an overrun is not possible because at most a few bytes are written
to a BUF_MEM structure which is grown to 16k calling BUF_MEM_grow which
actually ends up allocating additional space making it 21848 bytes in length.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org
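
Added example, not part of the original message and not OpenSSL's own code: a simplified C model of the point made in the reply, showing how growing a buffer to 16k ends up allocating 21848 bytes and why a room check for each extension should still be made against the requested length rather than the allocator's slack. The struct, the function names and the extension bodies used to exercise it are assumptions made for illustration; the rounding formula is the one BUF_MEM_grow used in OpenSSL releases of that period.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Simplified model of OpenSSL's BUF_MEM (not the real struct):
 * length = bytes the caller asked for, max = bytes actually allocated. */
struct buf_model { size_t length, max; unsigned char *data; };

/* Rounding applied by BUF_MEM_grow in OpenSSL of that period. */
static size_t grow_alloc_size(size_t len) { return (len + 3) / 3 * 4; }

static int buf_model_grow(struct buf_model *b, size_t len)
{
    if (len > b->max) {
        size_t n = grow_alloc_size(len);
        unsigned char *p = realloc(b->data, n);
        if (p == NULL)
            return 0;
        memset(p + b->max, 0, n - b->max);   /* zero the newly added space */
        b->data = p;
        b->max = n;
    }
    b->length = len;
    return 1;
}

/* Append one TLS extension (2-byte type, 2-byte length, body) at *pos.
 * Room is checked against length, the logical limit, never against max:
 * the allocator's slack is an implementation detail, not a guarantee. */
static int put_extension(struct buf_model *b, size_t *pos, unsigned type,
                         const unsigned char *body, size_t body_len)
{
    if (body_len > 0xffff || *pos > b->length ||
        b->length - *pos < 4 + body_len)
        return 0;                            /* not enough room: write nothing */
    unsigned char *p = b->data + *pos;
    p[0] = (type >> 8) & 0xff;
    p[1] = type & 0xff;
    p[2] = (body_len >> 8) & 0xff;
    p[3] = body_len & 0xff;
    if (body_len)
        memcpy(p + 4, body, body_len);
    *pos += 4 + body_len;
    return 1;
}
```

With a 16384-byte request the model allocates 21848 bytes, so a few bytes written past the logical end would land in slack space; the check in put_extension rejects the second extension anyway once the logical limit is reached.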
