Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576)

author: Dr. Stephen Henson <steve@openssl.org> 2012-01-04 23:13:29 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2012-01-04 23:13:29 +0000
commit: 4e44bd3650b4ceda182de8978244b5b8dc6d0f5a (patch)
tree: 8369aefd4c8a5fc9984721255c7c4d34c109d2ef
parent: 0cffb0cd3e1ba8c016b92941eff172e17dbf6d4a (diff)
download: openssl-new-4e44bd3650b4ceda182de8978244b5b8dc6d0f5a.tar.gz
2 files changed, 7 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index d492b2e95e..76e12f9e32 100644
--- a/CHANGES
+++ b/CHANGES
@@ -269,6 +269,10 @@
 
  Changes between 1.0.0e and 1.0.0f [xx XXX xxxx]
 
+  *) Clear bytes used for block padding of SSL 3.0 records.
+     (CVE-2011-4576)
+     [Adam Langley (Google)]
+
   *) Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619)
      [Adam Langley (Google)]
 
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index 0ddfe192bc..c5df2cb90a 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -512,6 +512,9 @@ int ssl3_enc(SSL *s, int send)
 
 			/* we need to add 'i-1' padding bytes */
 			l+=i;
+			/* the last of these zero bytes will be overwritten
+			 * with the padding length. */
+			memset(&rec->input[rec->length], 0, i);
 			rec->length+=i;
 			rec->input[l-1]=(i-1);
 			}
author	Dr. Stephen Henson <steve@openssl.org>	2012-01-04 23:13:29 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2012-01-04 23:13:29 +0000
commit	4e44bd3650b4ceda182de8978244b5b8dc6d0f5a (patch)
tree	8369aefd4c8a5fc9984721255c7c4d34c109d2ef
parent	0cffb0cd3e1ba8c016b92941eff172e17dbf6d4a (diff)
download	openssl-new-4e44bd3650b4ceda182de8978244b5b8dc6d0f5a.tar.gz