[openssl-commits] [openssl] master update

Rich Salz rsalz at openssl.org
Thu Jun 8 13:40:01 UTC 2017


The branch master has been updated
       via  3dce109905deb869ec395eeaafdcfae08292a04c (commit)
      from  1c036c6443af3d0d912f074b0a2c4055c804115c (commit)


- Log -----------------------------------------------------------------
commit 3dce109905deb869ec395eeaafdcfae08292a04c
Author: Rich Salz <rsalz at openssl.org>
Date:   Thu Jun 8 09:26:20 2017 -0400

    Fix possible memory over-read in apps/s_client.c
    
    A buffer returned from BIO_gets is not checked for its length before
    reading its contents.
    
    Reviewed-by: Ben Kaduk <kaduk at mit.edu>
    Reviewed-by: Andy Polyakov <appro at openssl.org>
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/3630)

-----------------------------------------------------------------------

Summary of changes:
 apps/s_client.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/apps/s_client.c b/apps/s_client.c
index 9ec7217..84dad97 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -2172,6 +2172,15 @@ int s_client_main(int argc, char **argv)
              * HTTP/d.d ddd Reason text\r\n
              */
             mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ);
+            if (mbuf_len < (int)strlen("HTTP/1.0 200")) {
+                BIO_printf(bio_err,
+                           "%s: HTTP CONNECT failed, insufficient response "
+                           "from proxy (got %d octets)\n", prog, mbuf_len);
+                (void)BIO_flush(fbio);
+                BIO_pop(fbio);
+                BIO_free(fbio);
+                goto shut;
+            }
             if (mbuf[8] != ' ') {
                 BIO_printf(bio_err,
                            "%s: HTTP CONNECT failed, incorrect response "

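Review bot: In the new `mbuf_len < (int)strlen("HTTP/1.0 200")` branch, the error text reports `mbuf_len` as "got %d octets", but BIO_gets returns 0 or a negative value on error or EOF, so a failed read would be logged as, for example, "got -1 octets". Consider printing the count only when `mbuf_len >= 0` and using a separate "read from proxy failed" wording for the non-positive case. The minimum length is also expressed through a sample string rather than the format it stands for; a one-line comment noting that it is the length of "HTTP/d.d ddd" from the comment above, and that it covers the `mbuf[8]` test that follows, would make the bound easier to verify.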
