/[smeserver]/rpms/openssl/sme8/openssl-fips-0.9.8e-cve-2014-3506.patch
ViewVC logotype

Contents of /rpms/openssl/sme8/openssl-fips-0.9.8e-cve-2014-3506.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Tue Sep 2 22:20:54 2014 UTC (10 years, 2 months ago) by charliebrady
Branch: MAIN
CVS Tags: openssl-0_9_8e-28_el5_sme, openssl-0_9_8e-32_1_el5_sme, openssl-0_9_8e-31_1_el5_sme, openssl-0_9_8e-33_1_el5_sme, HEAD
Extracted from openssl-0.9.8e-27.el5_10.4.src.rpm

1 diff -up openssl-fips-0.9.8e/ssl/d1_both.c.dtls-sizechecks openssl-fips-0.9.8e/ssl/d1_both.c
2 --- openssl-fips-0.9.8e/ssl/d1_both.c.dtls-sizechecks 2014-08-08 11:19:09.000000000 +0200
3 +++ openssl-fips-0.9.8e/ssl/d1_both.c 2014-08-08 11:29:58.457106869 +0200
4 @@ -549,6 +549,16 @@ dtls1_retrieve_buffered_fragment(SSL *s,
5 return 0;
6 }
7
8 +/* dtls1_max_handshake_message_len returns the maximum number of bytes
9 + * permitted in a DTLS handshake message for |s|. The minimum is 16KB, but may
10 + * be greater if the maximum certificate list size requires it. */
11 +static unsigned long dtls1_max_handshake_message_len(const SSL *s)
12 + {
13 + unsigned long max_len = DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH;
14 + if (max_len < (unsigned long)s->max_cert_list)
15 + return s->max_cert_list;
16 + return max_len;
17 + }
18
19 static int
20 dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok)
21 @@ -587,6 +597,9 @@ dtls1_process_out_of_seq_message(SSL *s,
22
23 if (frag_len)
24 {
25 + if (frag_len > dtls1_max_handshake_message_len(s))
26 + goto err;
27 +
28 frag = dtls1_hm_fragment_new(frag_len);
29 if ( frag == NULL)
30 goto err;

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed