Module Name: src Committed By: bouyer Date: Wed Feb 16 21:00:24 UTC 2011
Modified Files: src/crypto/dist/openssl/ssl [netbsd-5]: t1_lib.c Log Message: Pull up following revision(s) (requested by spz in ticket #1545): crypto/external/bsd/openssl/dist/ssl/t1_lib.c: revision 1.4 via patch fix for CVE-2011-0014 (OCSP stapling vulnerability in OpenSSL) patch taken from http://www.openssl.org/news/secadv_20110208.txt To generate a diff of this commit: cvs rdiff -u -r1.2.4.2 -r1.2.4.3 src/crypto/dist/openssl/ssl/t1_lib.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files:
Index: src/crypto/dist/openssl/ssl/t1_lib.c
diff -u src/crypto/dist/openssl/ssl/t1_lib.c:1.2.4.2 src/crypto/dist/openssl/ssl/t1_lib.c:1.2.4.3
--- src/crypto/dist/openssl/ssl/t1_lib.c:1.2.4.2 Fri Dec 10 21:44:17 2010
+++ src/crypto/dist/openssl/ssl/t1_lib.c Wed Feb 16 21:00:23 2011
@@ -810,6 +810,7 @@
 }
 n2s(data, idsize);
 dsize -= 2 + idsize;
+ size -= 2 + idsize;
 if (dsize < 0)
 {
 *al = SSL_AD_DECODE_ERROR;
@@ -848,9 +849,14 @@
 }
 /* Read in request_extensions */
+ if (size < 2)
+ {
+ *al = SSL_AD_DECODE_ERROR;
+ return 0;
+ }
 n2s(data,dsize);
 size -= 2;
- if (dsize > size)
+ if (dsize != size)
 {
 *al = SSL_AD_DECODE_ERROR;
 return 0;
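Review bot: In the first hunk, `size -= 2 + idsize;` runs before `idsize` has been validated, and the `if (dsize < 0)` that follows tests only `dsize`. That is safe only if `dsize <= size` already holds here and `size` cannot wrap. Both the earlier bound and the declaration of `size` are outside the hunk, so confirm them, in particular whether `size` is an unsigned type. A one-line comment such as `/* size shrinks in step with dsize; dsize <= size is assumed on entry */` would record the dependency for the next editor. The enclosing block starts and ends outside the hunk.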
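Review bot: In the second hunk, the reason for the two new length checks is not recorded next to them, and the existing `/* Read in request_extensions */` comment now sits above a guard rather than the read. `if (size < 2)` protects the two-byte `n2s(data,dsize)` read, and `dsize != size` rejects trailing bytes as well as an overlong length. A comment above the guard, e.g. `/* need 2 bytes for the request_extensions length, which must cover exactly the rest of the extension */`, would discourage a later edit from relaxing the comparison back to `>`. The exact-match test is only correct if `size` has been reduced by everything consumed earlier in this extension. The first hunk does that for the `idsize` entries, but any other reads are outside the hunk and should be checked.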