CVSROOT: /cvs Module name: src Changes by: js...@cvs.openbsd.org 2020/03/10 11:11:25
Modified files:
lib/libssl : tls13_buffer.c
Log message:
Add a return value check to tls13_buffer_extend().
In the unlikely event that the return value from the read callback is
larger than the number of bytes we asked for, we can end up incrementing
buf->len beyond capacity. Check the return value from the read callback to
prevent this.
ok inoguchi@ tb@
