Module Name:    src
Committed By:   bouyer
Date:           Wed Feb 16 21:00:24 UTC 2011

Modified Files:
        src/crypto/dist/openssl/ssl [netbsd-5]: t1_lib.c

Log Message:
Pull up following revision(s) (requested by spz in ticket #1545):
        crypto/external/bsd/openssl/dist/ssl/t1_lib.c: revision 1.4 via patch
fix for CVE-2011-0014 (OCSP stapling vulnerability in OpenSSL)
patch taken from http://www.openssl.org/news/secadv_20110208.txt


To generate a diff of this commit:
cvs rdiff -u -r1.2.4.2 -r1.2.4.3 src/crypto/dist/openssl/ssl/t1_lib.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/dist/openssl/ssl/t1_lib.c
diff -u src/crypto/dist/openssl/ssl/t1_lib.c:1.2.4.2 src/crypto/dist/openssl/ssl/t1_lib.c:1.2.4.3
--- src/crypto/dist/openssl/ssl/t1_lib.c:1.2.4.2	Fri Dec 10 21:44:17 2010
+++ src/crypto/dist/openssl/ssl/t1_lib.c	Wed Feb 16 21:00:23 2011
@@ -810,6 +810,7 @@
 						}
 					n2s(data, idsize);
 					dsize -= 2 + idsize;
+					size -= 2 + idsize;
 					if (dsize < 0)
 						{
 						*al = SSL_AD_DECODE_ERROR;
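Review bot: The added `size -= 2 + idsize;` runs before the `dsize < 0` test, so on an oversized `idsize` the outer length has already been decremented past zero when the error branch is taken. That is harmless as written because the branch returns immediately, but it holds only if `dsize` can never exceed `size` at this point. If `size` is an unsigned type (its declaration is outside the hunk), the subtraction wraps instead of going negative, and the `size < 2` guard added in the second hunk would not notice. I would record the invariant beside the new line, e.g. `/* size tracks dsize: both shrink by the responder ID just read; the dsize < 0 check below rejects an overrun before size is used again */`. The enclosing block starts and ends outside the hunk.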
@@ -848,9 +849,14 @@
 					}
 
 				/* Read in request_extensions */
+				if (size < 2)
+					{
+					*al = SSL_AD_DECODE_ERROR;
+					return 0;
+					}
 				n2s(data,dsize);
 				size -= 2;
-				if (dsize > size) 
+				if (dsize != size) 
 					{
 					*al = SSL_AD_DECODE_ERROR;
 					return 0;
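Review bot: The new `if (size < 2)` guard and the switch from `>` to `!=` carry no comment saying why the request_extensions length must now equal the remaining extension length exactly. The only nearby comment, `/* Read in request_extensions */`, now sits above the guard rather than the read. Since this is the security-relevant part of the fix named in the log message, a short explanation would stop a later cleanup from relaxing the test again, e.g. `/* need 2 bytes for the length field; request_extensions must then fill the rest of the extension exactly, so trailing or missing bytes are a decode error */`. The function body continues outside the hunk.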
