Module Name:    src
Committed By:   bouyer
Date:           Sun Mar 28 11:32:29 UTC 2010

Modified Files:
        src/crypto/external/bsd/openssl/dist/ssl: s3_pkt.c

Log Message:
Apply patchset 19476 from openssl repository, fixing CVE-2010-0740.
from http://www.openssl.org/news/secadv_20100324.txt:
"In TLS connections, certain incorrectly formatted records can cause an OpenSSL
client or server to crash due to a read attempt at NULL".


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c:1.6 src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c:1.7
--- src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c:1.6	Sun Jan 10 16:39:10 2010
+++ src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c	Sun Mar 28 11:32:29 2010
@@ -337,9 +337,9 @@
 			if (version != s->version)
 				{
 				SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
-				/* Send back error using their
-				 * version number :-) */
-				s->version=version;
+                                if ((s->version & 0xFF00) == (version & 0xFF00))
+                                	/* Send back error using their minor version number :-) */
+					s->version = (unsigned short)version;
 				al=SSL_AD_PROTOCOL_VERSION;
 				goto f_err;
 				}

Reply via email to