Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/crypto/external/bsd/openssl/dist/ssl pull in rev.22050 from ...
details: https://anonhg.NetBSD.org/src/rev/0b466b41cfbd
branches: trunk
changeset: 772856:0b466b41cfbd
user: drochner <drochner%NetBSD.org@localhost>
date: Wed Jan 18 20:08:49 2012 +0000
description:
pull in rev.22050 from upstream CVS, following secadv_20120118.txt:
Fix for DTLS DoS issue introduced by fix for CVE-2011-4108 (CVE-2012-0050)
diffstat:
crypto/external/bsd/openssl/dist/ssl/d1_pkt.c | 17 +++++++----------
1 files changed, 7 insertions(+), 10 deletions(-)
diffs (37 lines):
diff -r aaf65c7ec3cd -r 0b466b41cfbd crypto/external/bsd/openssl/dist/ssl/d1_pkt.c
--- a/crypto/external/bsd/openssl/dist/ssl/d1_pkt.c Wed Jan 18 19:17:02 2012 +0000
+++ b/crypto/external/bsd/openssl/dist/ssl/d1_pkt.c Wed Jan 18 20:08:49 2012 +0000
@@ -376,6 +376,7 @@
unsigned int mac_size;
unsigned char md[EVP_MAX_MD_SIZE];
int decryption_failed_or_bad_record_mac = 0;
+ unsigned char *mac = NULL;
rr= &(s->s3->rrec);
@@ -450,19 +451,15 @@
#endif
}
/* check the MAC for rr->input (it's in mac_size bytes at the tail) */
- if (rr->length < mac_size)
+ if (rr->length >= mac_size)
{
-#if 0 /* OK only for stream ciphers */
- al=SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
-#else
- decryption_failed_or_bad_record_mac = 1;
-#endif
+ rr->length -= mac_size;
+ mac = &rr->data[rr->length];
}
- rr->length-=mac_size;
+ else
+ rr->length = 0;
i=s->method->ssl3_enc->mac(s,md,0);
- if (i < 0 || memcmp(md,&(rr->data[rr->length]),mac_size) != 0)
+ if (i < 0 || mac == NULL || memcmp(md, mac, mac_size) != 0)
{
decryption_failed_or_bad_record_mac = 1;
}
Home |
Main Index |
Thread Index |
Old Index