diff options
| author | beck <> | 2014-04-29 15:46:54 +0000 |
|---|---|---|
| committer | beck <> | 2014-04-29 15:46:54 +0000 |
| commit | 68d101f49e04f5b186085135fd2cea27b27580b0 (patch) | |
| tree | 1dbd7faef6553e72aa2ef792ffa2672281ecd334 /src | |
| parent | b4455c6b8c8da6f0da39b8811736a58b7d363f47 (diff) | |
| download | openbsd-68d101f49e04f5b186085135fd2cea27b27580b0.tar.gz openbsd-68d101f49e04f5b186085135fd2cea27b27580b0.tar.bz2 openbsd-68d101f49e04f5b186085135fd2cea27b27580b0.zip | |
Constrain bytes read/written to positive values.
ok miod@ tedu@
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/s3_pkt.c | 10 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/s3_pkt.c | 10 |
2 files changed, 20 insertions, 0 deletions
diff --git a/src/lib/libssl/s3_pkt.c b/src/lib/libssl/s3_pkt.c index 4a8462ecb9..a5ed3c07cc 100644 --- a/src/lib/libssl/s3_pkt.c +++ b/src/lib/libssl/s3_pkt.c | |||
| @@ -561,6 +561,11 @@ ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) | |||
| 561 | unsigned int tot, n, nw; | 561 | unsigned int tot, n, nw; |
| 562 | int i; | 562 | int i; |
| 563 | 563 | ||
| 564 | if (len < 0) { | ||
| 565 | SSLerr(SSL_F_SSL3_WRITE_BYTES, ERR_R_INTERNAL_ERROR); | ||
| 566 | return -1; | ||
| 567 | } | ||
| 568 | |||
| 564 | s->rwstate = SSL_NOTHING; | 569 | s->rwstate = SSL_NOTHING; |
| 565 | tot = s->s3->wnum; | 570 | tot = s->s3->wnum; |
| 566 | s->s3->wnum = 0; | 571 | s->s3->wnum = 0; |
| @@ -902,6 +907,11 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) | |||
| 902 | if (!ssl3_setup_read_buffer(s)) | 907 | if (!ssl3_setup_read_buffer(s)) |
| 903 | return (-1); | 908 | return (-1); |
| 904 | 909 | ||
| 910 | if (len < 0) { | ||
| 911 | SSLerr(SSL_F_SSL3_READ_BYTES, ERR_R_INTERNAL_ERROR); | ||
| 912 | return -1; | ||
| 913 | } | ||
| 914 | |||
| 905 | if ((type && (type != SSL3_RT_APPLICATION_DATA) && | 915 | if ((type && (type != SSL3_RT_APPLICATION_DATA) && |
| 906 | (type != SSL3_RT_HANDSHAKE) && type) || | 916 | (type != SSL3_RT_HANDSHAKE) && type) || |
| 907 | (peek && (type != SSL3_RT_APPLICATION_DATA))) { | 917 | (peek && (type != SSL3_RT_APPLICATION_DATA))) { |
diff --git a/src/lib/libssl/src/ssl/s3_pkt.c b/src/lib/libssl/src/ssl/s3_pkt.c index 4a8462ecb9..a5ed3c07cc 100644 --- a/src/lib/libssl/src/ssl/s3_pkt.c +++ b/src/lib/libssl/src/ssl/s3_pkt.c | |||
| @@ -561,6 +561,11 @@ ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) | |||
| 561 | unsigned int tot, n, nw; | 561 | unsigned int tot, n, nw; |
| 562 | int i; | 562 | int i; |
| 563 | 563 | ||
| 564 | if (len < 0) { | ||
| 565 | SSLerr(SSL_F_SSL3_WRITE_BYTES, ERR_R_INTERNAL_ERROR); | ||
| 566 | return -1; | ||
| 567 | } | ||
| 568 | |||
| 564 | s->rwstate = SSL_NOTHING; | 569 | s->rwstate = SSL_NOTHING; |
| 565 | tot = s->s3->wnum; | 570 | tot = s->s3->wnum; |
| 566 | s->s3->wnum = 0; | 571 | s->s3->wnum = 0; |
| @@ -902,6 +907,11 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) | |||
| 902 | if (!ssl3_setup_read_buffer(s)) | 907 | if (!ssl3_setup_read_buffer(s)) |
| 903 | return (-1); | 908 | return (-1); |
| 904 | 909 | ||
| 910 | if (len < 0) { | ||
| 911 | SSLerr(SSL_F_SSL3_READ_BYTES, ERR_R_INTERNAL_ERROR); | ||
| 912 | return -1; | ||
| 913 | } | ||
| 914 | |||
| 905 | if ((type && (type != SSL3_RT_APPLICATION_DATA) && | 915 | if ((type && (type != SSL3_RT_APPLICATION_DATA) && |
| 906 | (type != SSL3_RT_HANDSHAKE) && type) || | 916 | (type != SSL3_RT_HANDSHAKE) && type) || |
| 907 | (peek && (type != SSL3_RT_APPLICATION_DATA))) { | 917 | (peek && (type != SSL3_RT_APPLICATION_DATA))) { |