summaryrefslogtreecommitdiffstats
path: root/lib/libssl/src
diff options
context:
space:
mode:
Diffstat (limited to 'lib/libssl/src')
-rw-r--r--lib/libssl/src/ssl/d1_srvr.c12
-rw-r--r--lib/libssl/src/ssl/s3_srvr.c17
2 files changed, 17 insertions, 12 deletions
diff --git a/lib/libssl/src/ssl/d1_srvr.c b/lib/libssl/src/ssl/d1_srvr.c
index 47a0c0e2a26..6040dd96ca8 100644
--- a/lib/libssl/src/ssl/d1_srvr.c
+++ b/lib/libssl/src/ssl/d1_srvr.c
@@ -1018,6 +1018,9 @@ dtls1_send_server_key_exchange(SSL *s)
BN_CTX *bn_ctx = NULL;
#endif
+#ifndef OPENSSL_NO_PSK
+ size_t pskhintlen;
+#endif
EVP_PKEY *pkey;
unsigned char *p, *d;
int al, i;
@@ -1226,8 +1229,9 @@ dtls1_send_server_key_exchange(SSL *s)
#endif /* !OPENSSL_NO_ECDH */
#ifndef OPENSSL_NO_PSK
if (type & SSL_kPSK) {
+ pskhintlen = strlen(s->ctx->psk_identity_hint);
/* reserve size for record length and PSK identity hint*/
- n += 2 + strlen(s->ctx->psk_identity_hint);
+ n += 2 + pskhintlen;
} else
#endif /* !OPENSSL_NO_PSK */
{
@@ -1293,10 +1297,10 @@ dtls1_send_server_key_exchange(SSL *s)
#ifndef OPENSSL_NO_PSK
if (type & SSL_kPSK) {
/* copy PSK identity hint */
- s2n(strlen(s->ctx->psk_identity_hint), p);
+ s2n(pskhintlen, p);
- strncpy((char *)p, s->ctx->psk_identity_hint, strlen(s->ctx->psk_identity_hint));
- p += strlen(s->ctx->psk_identity_hint);
+ memcpy(p, s->ctx->psk_identity_hint, pskhintlen);
+ p += pskhintlen;
}
#endif
diff --git a/lib/libssl/src/ssl/s3_srvr.c b/lib/libssl/src/ssl/s3_srvr.c
index 0794a298b1a..f532e254f98 100644
--- a/lib/libssl/src/ssl/s3_srvr.c
+++ b/lib/libssl/src/ssl/s3_srvr.c
@@ -1574,6 +1574,9 @@ ssl3_send_server_key_exchange(SSL *s)
BN_CTX *bn_ctx = NULL;
#endif
+#ifndef OPENSSL_NO_PSK
+ size_t pskhintlen;
+#endif
EVP_PKEY *pkey;
const EVP_MD *md = NULL;
unsigned char *p, *d;
@@ -1804,10 +1807,9 @@ ssl3_send_server_key_exchange(SSL *s)
#endif /* !OPENSSL_NO_ECDH */
#ifndef OPENSSL_NO_PSK
if (type & SSL_kPSK) {
- /*
- * Reserve size for record length and PSK identity hint.
- */
- n += 2 + strlen(s->ctx->psk_identity_hint);
+ pskhintlen = strlen(s->ctx->psk_identity_hint);
+ /* reserve size for record length and PSK identity hint*/
+ n += 2 + pskhintlen;
} else
#endif /* !OPENSSL_NO_PSK */
#ifndef OPENSSL_NO_SRP
@@ -1900,11 +1902,10 @@ ssl3_send_server_key_exchange(SSL *s)
#ifndef OPENSSL_NO_PSK
if (type & SSL_kPSK) {
/* copy PSK identity hint */
- s2n(strlen(s->ctx->psk_identity_hint), p);
+ s2n(pskhintlen, p);
- strncpy((char *)p, s->ctx->psk_identity_hint,
- strlen(s->ctx->psk_identity_hint));
- p += strlen(s->ctx->psk_identity_hint);
+ memcpy(p, s->ctx->psk_identity_hint, pskhintlen);
+ p += pskhintlen;
}
#endif
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.