Avoid an out-of-bounds array access in the s_server. - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tb <>	2020-05-23 09:02:02 +0000
committer	tb <>	2020-05-23 09:02:02 +0000
commit	3a6807ff60ba69ab956c1eef3a48039c55db0347 (patch)
tree	21a3fe2768e487d453cfb95b21f3e4729753a9d7 /src/lib/libssl/ssl_lib.c
parent	75a517d36cb6927c5e5e2af71f5bed9d6ac6b884 (diff)
download	openbsd-3a6807ff60ba69ab956c1eef3a48039c55db0347.tar.gz openbsd-3a6807ff60ba69ab956c1eef3a48039c55db0347.tar.bz2 openbsd-3a6807ff60ba69ab956c1eef3a48039c55db0347.zip

Avoid an out-of-bounds array access in the s_server.

It can be triggered by sending a line to stdin while no connection is open and then connecting a client. The first SSL_write() fails, sends SSL_ERROR_WANT_* and then causes a segfault deep down in the tls stack when accessing &(buf[-1]). ok beck inoguchi

Diffstat (limited to 'src/lib/libssl/ssl_lib.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: