Avoid a NULL dereference in the DTLS client that can be triggered by a - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2014-11-27 16:03:03 +0000
committer	jsing <>	2014-11-27 16:03:03 +0000
commit	6cf0671671533a0aa8cb583f1d7f4f8e428268bd (patch)
tree	b520ad37da120e6f1f35a849623806156505fa8f /src/lib/libc/string/rindex.c
parent	215c63694da4bf85cfa8b01c82a89a52e337e78a (diff)
download	openbsd-6cf0671671533a0aa8cb583f1d7f4f8e428268bd.tar.gz openbsd-6cf0671671533a0aa8cb583f1d7f4f8e428268bd.tar.bz2 openbsd-6cf0671671533a0aa8cb583f1d7f4f8e428268bd.zip

Avoid a NULL dereference in the DTLS client that can be triggered by a

crafted server response used in conjunction with an anonymous DH or anonymous ECDH ciphersuite. Fixes CVE-2014-3510, which is effectively a repeat of CVE-2014-3470 in copied code. Reported by Felix Groebert of the Google Security Team. ok beck@ miod@

Diffstat (limited to 'src/lib/libc/string/rindex.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: