diff options
author | Ben Laurie <ben@links.org> | 2013-01-28 17:33:18 +0000 |
---|---|---|
committer | Ben Laurie <ben@links.org> | 2013-01-28 17:33:18 +0000 |
commit | 6cb19b7681f600b2f165e4adc57547b097b475fd (patch) | |
tree | f0bf30e675c0bbaa29be28db7febd92f1a678936 /ssl/d1_enc.c | |
parent | e130841bccfc0bb9da254dc84e23bc6a1c78a64e (diff) | |
download | openssl-new-6cb19b7681f600b2f165e4adc57547b097b475fd.tar.gz |
Don't crash when processing a zero-length, TLS >= 1.1 record.
The previous CBC patch was bugged in that there was a path through enc()
in s3_pkt.c/d1_pkt.c which didn't set orig_len. orig_len would be left
at the previous value which could suggest that the packet was a
sufficient length when it wasn't.
Diffstat (limited to 'ssl/d1_enc.c')
-rw-r--r-- | ssl/d1_enc.c | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/ssl/d1_enc.c b/ssl/d1_enc.c index c13b495a08..da42348b3d 100644 --- a/ssl/d1_enc.c +++ b/ssl/d1_enc.c @@ -245,7 +245,6 @@ int dtls1_enc(SSL *s, int send) } #endif /* KSSL_DEBUG */ - rec->orig_len = rec->length; if ((bs != 1) && !send) return tls1_cbc_remove_padding(s, rec, bs, mac_size); } |