authormarkus <markus@openbsd.org>2002-07-30 11:08:05 +0000
committermarkus <markus@openbsd.org>2002-07-30 11:08:05 +0000
commit428837d1af6ee7883726f5a6f82d6bae10ac0025 (patch)
tree6cad96e6d9a4f7e09d07030b70c21d9902cf5e9b /lib/libssl/s3_clnt.c
parentstrip_chroot here as well. (diff)
apply patches from OpenSSL Security Advisory [30 July 2002],
http://marc.theaimsgroup.com/?l=openssl-dev&m=102802395104110&w=2
Diffstat (limited to 'lib/libssl/s3_clnt.c')
-rw-r--r--lib/libssl/s3_clnt.c9
1 files changed, 9 insertions, 0 deletions
diff --git a/lib/libssl/s3_clnt.c b/lib/libssl/s3_clnt.c
index e5853ede95b..b6be7489326 100644
--- a/lib/libssl/s3_clnt.c
+++ b/lib/libssl/s3_clnt.c
@@ -545,6 +545,7 @@ static int ssl3_client_hello(SSL *s)
*(p++)=i;
if (i != 0)
{
+ die(i <= sizeof s->session->session_id);
memcpy(p,s->session->session_id,i);
p+=i;
}
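Review bot: The added `die(i <= sizeof s->session->session_id);` guards the memcpy, but `die` is not defined in this hunk; if it is an abort-on-failure assertion, an inconsistent session-id length `i` terminates the host application from inside the library instead of failing the handshake. The server-hello hunk in this same commit handles the equivalent bound with `SSLerr(...)` and `goto f_err`, and the same style would fit here, e.g. `if (i > sizeof s->session->session_id) { SSLerr(SSL_F_SSL3_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); goto err; }`, assuming the function has an error label (its body starts and ends outside the hunk). The check also sits after `*(p++)=i;`, so moving it above that line would keep the length byte out of the output buffer on the failure path. A short comment such as `/* never copy more than the session_id array holds */` would record why the bound exists.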
@@ -626,6 +627,14 @@ static int ssl3_get_server_hello(SSL *s)
/* get the session-id */
j= *(p++);
+ if(j > sizeof s->session->session_id)
+ {
+ al=SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+ SSL_R_SSL3_SESSION_ID_TOO_LONG);
+ goto f_err;
+ }
+
if ((j != 0) && (j != SSL3_SESSION_ID_SIZE))
{
/* SSLref returns 16 :-( */