[openssl-commits] [openssl] master update

Mon Oct 5 18:59:30 UTC 2015

The branch master has been updated
       via  52a48f9eed73503c691056b5832b3eb04b95ea00 (commit)
      from  67202973cf55eaac021706c183377b8040cf0c20 (commit)


- Log -----------------------------------------------------------------
commit 52a48f9eed73503c691056b5832b3eb04b95ea00
Author: Alessandro Ghedini <alessandro at ghedini.me>
Date:   Fri Oct 2 13:43:29 2015 +0200

    Validate ClientHello extension field length
    
    RT#4069
    
    Reviewed-by: Emilia Käsper <emilia at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 ssl/t1_lib.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index aeae5b0..4975c10 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1927,6 +1927,9 @@ static int ssl_scan_clienthello_tlsext(SSL *s, PACKET *pkt, int *al)
     if (!PACKET_get_net_2(pkt, &len))
         goto err;
 
+    if (PACKET_remaining(pkt) != len)
+        goto err;
+
     while (PACKET_get_net_2(pkt, &type) && PACKET_get_net_2(pkt, &size)) {
         PACKET subpkt;
 
