summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjasper <>2010-03-31 12:17:29 +0000
committerjasper <>2010-03-31 12:17:29 +0000
commit0778d6fe9345063b8d261d235f6fb13ee2c35b6c (patch)
treeb270c6594419af9e1534d289203bb28bf339de39
parentc3db69468ea289b628be58c387004024df0f3462 (diff)
downloadopenbsd-OPENBSD_4_6.tar.gz
openbsd-OPENBSD_4_6.tar.bz2
openbsd-OPENBSD_4_6.zip
Security fix for CVE-2010-0740OPENBSD_4_6
"In TLS connections, certain incorrectly formatted records can cause an OpenSSL client or server to crash due to a read attempt at NULL." http://openssl.org/news/secadv_20100324.txt ok djm@ sthen@
-rw-r--r--src/lib/libssl/src/ssl/s3_pkt.c7
1 files changed, 4 insertions, 3 deletions
diff --git a/src/lib/libssl/src/ssl/s3_pkt.c b/src/lib/libssl/src/ssl/s3_pkt.c
index b98b84044f..515739c08c 100644
--- a/src/lib/libssl/src/ssl/s3_pkt.c
+++ b/src/lib/libssl/src/ssl/s3_pkt.c
@@ -282,9 +282,10 @@ again:
282 if (version != s->version) 282 if (version != s->version)
283 { 283 {
284 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER); 284 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
285 /* Send back error using their 285 if ((s->version & 0xFF00) == (version & 0xFF00))
286 * version number :-) */ 286 /* Send back error using their
287 s->version=version; 287 * minor version number :-) */
288 s->version = (unsigned short)version;
288 al=SSL_AD_PROTOCOL_VERSION; 289 al=SSL_AD_PROTOCOL_VERSION;
289 goto f_err; 290 goto f_err;
290 } 291 }