[openssl] OpenSSL_1_1_1-stable update
Dr. Paul Dale
pauli at openssl.org
Thu Mar 18 11:21:21 UTC 2021
The branch OpenSSL_1_1_1-stable has been updated
via 1136fedc334b574eef6f551be158860fda4199f2 (commit)
from 81198bf323ea9deda907714170d329ca7d2ff01f (commit)
- Log -----------------------------------------------------------------
commit 1136fedc334b574eef6f551be158860fda4199f2
Author: Pauli <ppzgs1 at gmail.com>
Date: Wed Mar 17 12:00:42 2021 +1000
ssl: fix coverity 1451515: out of bounds memory access
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14585)
(cherry picked from commit 3de7f014a985637361bdee775f78209300c88aae)
-----------------------------------------------------------------------
Summary of changes:
ssl/statem/statem_clnt.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index d84cc0460f..09fba3d8c0 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2905,6 +2905,7 @@ static int tls_construct_cke_psk_preamble(SSL *s, WPACKET *pkt)
if (psklen > PSK_MAX_PSK_LEN) {
SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
SSL_F_TLS_CONSTRUCT_CKE_PSK_PREAMBLE, ERR_R_INTERNAL_ERROR);
+ psklen = PSK_MAX_PSK_LEN; /* Avoid overrunning the array on cleanse */
goto err;
} else if (psklen == 0) {
SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
More information about the openssl-commits
mailing list