diff options
author | Jacques Vidrine <nectar@FreeBSD.org> | 2004-03-17 12:11:08 +0000 |
---|---|---|
committer | Jacques Vidrine <nectar@FreeBSD.org> | 2004-03-17 12:11:08 +0000 |
commit | 81ac585294418460a598ae2c6d3eeaf0d993b18a (patch) | |
tree | 61beab9e630eee6949514999b0e00b50f9d6f883 /crypto/openssl/ssl/s3_pkt.c | |
parent | 50ef0093530d9eae8741fb66ae7161ad1d68dcca (diff) | |
download | src-81ac585294418460a598ae2c6d3eeaf0d993b18a.tar.gz src-81ac585294418460a598ae2c6d3eeaf0d993b18a.zip |
Correct a denial-of-service vulnerability in OpenSSL (CAN-2004-0079).
Obtained from: OpenSSL CVS (http://cvs.openssl.org/chngview?cn=12033)
Notes
Notes:
svn path=/vendor-crypto/openssl/dist/; revision=127114
Diffstat (limited to 'crypto/openssl/ssl/s3_pkt.c')
-rw-r--r-- | crypto/openssl/ssl/s3_pkt.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/crypto/openssl/ssl/s3_pkt.c b/crypto/openssl/ssl/s3_pkt.c index 3f88429e79a6..9f3e5139ad97 100644 --- a/crypto/openssl/ssl/s3_pkt.c +++ b/crypto/openssl/ssl/s3_pkt.c @@ -1085,6 +1085,14 @@ start: goto err; } + /* Check we have a cipher to change to */ + if (s->s3->tmp.new_cipher == NULL) + { + i=SSL_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY); + goto err; + } + rr->length=0; if (s->msg_callback) |