diff options
author | steve <steve> | 2012-02-27 16:38:24 +0000 |
---|---|---|
committer | steve <steve> | 2012-02-27 16:38:24 +0000 |
commit | 17fc4b403e758648b08147f6b2bb414c422c6d73 (patch) | |
tree | 5af355e9492d32bc50d4a5a4d2de5e9aae7de692 | |
parent | 77764c6ddeb223d3e083c004130fc8c7133bb212 (diff) | |
download | openssl-17fc4b403e758648b08147f6b2bb414c422c6d73.tar.gz |
PR: 2739
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Fix padding bugs in Heartbeat support.
-rw-r--r-- | ssl/d1_both.c | 3 | ||||
-rw-r--r-- | ssl/t1_lib.c | 5 |
2 files changed, 6 insertions, 2 deletions
diff --git a/ssl/d1_both.c b/ssl/d1_both.c index b96e34f2e..5c47c7c19 100644 --- a/ssl/d1_both.c +++ b/ssl/d1_both.c @@ -1422,8 +1422,9 @@ dtls1_process_heartbeat(SSL *s) *bp++ = TLS1_HB_RESPONSE; s2n(payload, bp); memcpy(bp, pl, payload); + bp += payload; /* Random padding */ - RAND_pseudo_bytes(p, padding); + RAND_pseudo_bytes(bp, padding); r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, 3 + payload + padding); diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index f2e6b7cab..9c76da112 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -2467,7 +2467,10 @@ tls1_process_heartbeat(SSL *s) *bp++ = TLS1_HB_RESPONSE; s2n(payload, bp); memcpy(bp, pl, payload); - + bp += payload; + /* Random padding */ + RAND_pseudo_bytes(bp, padding); + r = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, 3 + payload + padding); if (r >= 0 && s->msg_callback) |