diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-05-23 19:50:31 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-05-29 19:00:01 +0200 |
commit | 688ea6428a432c39203d00acd1af0e7684e5ddfd (patch) | |
tree | c49df1bd1e4d46c64bf5587a31571532e77e740d /lib/gnutls_handshake.c | |
parent | 1375d4e6d7bb969bf6c91ad78be41698073070f3 (diff) | |
download | gnutls-688ea6428a432c39203d00acd1af0e7684e5ddfd.tar.gz |
Prevent memory corruption due to server hello parsing.
Issue discovered by Joonas Kuorilehto of Codenomicon.
Diffstat (limited to 'lib/gnutls_handshake.c')
-rw-r--r-- | lib/gnutls_handshake.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index 3316ff158a..3765efd197 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c @@ -1751,7 +1751,7 @@ read_server_hello(gnutls_session_t session, DECR_LEN(len, 1); session_id_len = data[pos++]; - if (len < session_id_len) { + if (len < session_id_len || session_id_len > TLS_MAX_SESSION_ID_SIZE) { gnutls_assert(); return GNUTLS_E_UNSUPPORTED_VERSION_PACKET; } |