diff options
| author | jsing <> | 2015-03-02 13:43:09 +0000 |
|---|---|---|
| committer | jsing <> | 2015-03-02 13:43:09 +0000 |
| commit | 91cadee01e4571398489c861eddc43a70b20b7c1 (patch) | |
| tree | 82708cc98d530f87422df9e4773abf1c7c075916 | |
| parent | 900fc621282df881ec900874af414634b959dc8c (diff) | |
| download | openbsd-91cadee01e4571398489c861eddc43a70b20b7c1.tar.gz openbsd-91cadee01e4571398489c861eddc43a70b20b7c1.tar.bz2 openbsd-91cadee01e4571398489c861eddc43a70b20b7c1.zip | |
Fix a minor information leak that was introduced in t1_lib.c r1.71, whereby
an additional 28 bytes of .rodata (or .data) is provided to the network. In
most cases this is a non-issue since the memory content is already public.
Issue found and reported by Felix Groebert of the Google Security Team.
ok bcook@ beck@
| -rw-r--r-- | src/lib/libssl/src/ssl/t1_lib.c | 4 | ||||
| -rw-r--r-- | src/lib/libssl/t1_lib.c | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/src/lib/libssl/src/ssl/t1_lib.c b/src/lib/libssl/src/ssl/t1_lib.c index 60cef857b5..9b7f54682b 100644 --- a/src/lib/libssl/src/ssl/t1_lib.c +++ b/src/lib/libssl/src/ssl/t1_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_lib.c,v 1.74 2014/12/14 14:34:43 jsing Exp $ */ | 1 | /* $OpenBSD: t1_lib.c,v 1.75 2015/03/02 13:43:09 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -395,7 +395,7 @@ tls1_get_curvelist(SSL *s, int client_curves, const uint16_t **pcurves, | |||
| 395 | *pcurveslen = s->tlsext_ellipticcurvelist_length; | 395 | *pcurveslen = s->tlsext_ellipticcurvelist_length; |
| 396 | if (*pcurves == NULL) { | 396 | if (*pcurves == NULL) { |
| 397 | *pcurves = eccurves_default; | 397 | *pcurves = eccurves_default; |
| 398 | *pcurveslen = sizeof(eccurves_default); | 398 | *pcurveslen = sizeof(eccurves_default) / 2; |
| 399 | } | 399 | } |
| 400 | } | 400 | } |
| 401 | 401 | ||
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index 60cef857b5..9b7f54682b 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_lib.c,v 1.74 2014/12/14 14:34:43 jsing Exp $ */ | 1 | /* $OpenBSD: t1_lib.c,v 1.75 2015/03/02 13:43:09 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -395,7 +395,7 @@ tls1_get_curvelist(SSL *s, int client_curves, const uint16_t **pcurves, | |||
| 395 | *pcurveslen = s->tlsext_ellipticcurvelist_length; | 395 | *pcurveslen = s->tlsext_ellipticcurvelist_length; |
| 396 | if (*pcurves == NULL) { | 396 | if (*pcurves == NULL) { |
| 397 | *pcurves = eccurves_default; | 397 | *pcurves = eccurves_default; |
| 398 | *pcurveslen = sizeof(eccurves_default); | 398 | *pcurveslen = sizeof(eccurves_default) / 2; |
| 399 | } | 399 | } |
| 400 | } | 400 | } |
| 401 | 401 | ||