[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

Matt Caswell matt at openssl.org
Fri Jun 12 14:48:40 UTC 2015


The branch OpenSSL_1_0_2-stable has been updated
       via  fe64245aa1b1f5519ddfe11e3c9d7ad49ae4de95 (commit)
      from  1030f89f5ea238820645e3d34049eb1bd30e81c4 (commit)


- Log -----------------------------------------------------------------
commit fe64245aa1b1f5519ddfe11e3c9d7ad49ae4de95
Author: Adam Langley <agl at google.com>
Date:   Fri Jun 12 08:05:49 2015 +0100

    Allow a zero length extension block
    
    It is valid for an extension block to be present in a ClientHello, but to
    be of zero length.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 ssl/t1_lib.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index d811d3f..210a5e8 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -2016,12 +2016,12 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p,
 
     s->srtp_profile = NULL;
 
-    if (data >= (d + n - 2)) {
-        if (data != d + n)
-            goto err;
-        else
-            goto ri_check;
-    }
+    if (data == d + n)
+        goto ri_check;
+
+    if (data > (d + n - 2))
+        goto err;
+
     n2s(data, len);
 
     if (data > (d + n - len))


More information about the openssl-commits mailing list