Hello,
the following diff addresses CVE-2013-4353
(OpenSSL - TLS record tampering bug).
Index: src/ssl/s3_both.c
===================================================================
RCS file: /cvs/src/lib/libssl/src/ssl/s3_both.c,v
retrieving revision 1.12
diff -u -p -u -p -r1.12 s3_both.c
--- src/ssl/s3_both.c 14 Feb 2013 15:11:43 -0000 1.12
+++ src/ssl/s3_both.c 16 Jan 2014 16:03:53 -0000
@@ -207,6 +207,12 @@ int ssl3_send_finished(SSL *s, int a, in
static void ssl3_take_mac(SSL *s) {
const char *sender;
int slen;
+
+ /* If no new cipher setup return immediately: other functions will
+ * set the appropriate error.
+ */
+ if (s->s3->tmp.new_cipher == NULL)
+ return;
if (s->state & SSL_ST_CONNECT)
{
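Review bot: The added early return leaves ssl3_take_mac's output state untouched, and the new comment does not say which state that is or which "other functions" are expected to notice, so a reader of this hunk cannot tell what the silent return relies on. The rest of ssl3_take_mac lies outside the hunk; in this revision it presumably ends by storing the result of final_finish_mac() into s->s3->tmp.peer_finish_md_len, which is also where a NULL tmp.new_cipher would otherwise be dereferenced — worth confirming against the full function. I would make the comment name both the hazard and the contract: `/* No new cipher set up yet: bail out before final_finish_mac() dereferences tmp.new_cipher. peer_finish_md_len keeps its previous value; the caller that reads it is responsible for reporting the handshake error. */`. A brief mention of CVE-2013-4353 in that comment would also tie the guard to the bug it closes for future maintainers.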
Cheers,
Sebastian
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4353
[2]
http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=197e0ea817ad64820789d86711d55ff50d71f631