[openssl-commits] [openssl] OpenSSL_1_0_0-stable update

Matt Caswell matt at openssl.org
Wed Jun 10 09:07:03 UTC 2015


The branch OpenSSL_1_0_0-stable has been updated
       via  9545eac45bc79496763d2ded02629f88a8629fb9 (commit)
      from  228806a4f3c42cfb304b974a267a95f7a12cba87 (commit)


- Log -----------------------------------------------------------------
commit 9545eac45bc79496763d2ded02629f88a8629fb9
Author: Matt Caswell <matt at openssl.org>
Date:   Wed Jun 10 09:32:34 2015 +0100

    Fix Kerberos issue in ssl_session_dup
    
    The fix for CVE-2015-1791 introduced an error in ssl_session_dup for
    Kerberos.
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>
    (cherry picked from commit dcad51bc13c9b716d9a66248bcc4038c071ff158)

-----------------------------------------------------------------------

Summary of changes:
 ssl/ssl_sess.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 98b9107..1fb682a 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -239,7 +239,7 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
     memcpy(dest, src, sizeof(*dest));
 
 #ifndef OPENSSL_NO_KRB5
-    dest->krb5_client_princ_len = dest->krb5_client_princ_len;
+    dest->krb5_client_princ_len = src->krb5_client_princ_len;
     if (src->krb5_client_princ_len > 0)
         memcpy(dest->krb5_client_princ, src->krb5_client_princ,
                src->krb5_client_princ_len);


More information about the openssl-commits mailing list