diff options
| author | deraadt <> | 2010-04-20 23:01:28 +0000 |
|---|---|---|
| committer | deraadt <> | 2010-04-20 23:01:28 +0000 |
| commit | ecd8d9a8ac9861dda588d5ab65c14eb7f93d2526 (patch) | |
| tree | 653b8930264e0c0e1fbd332b7e8645140fad00ea /src | |
| parent | f02d115f9c81fc2d96946259ff075bfe253e71dd (diff) | |
| download | openbsd-ecd8d9a8ac9861dda588d5ab65c14eb7f93d2526.tar.gz openbsd-ecd8d9a8ac9861dda588d5ab65c14eb7f93d2526.tar.bz2 openbsd-ecd8d9a8ac9861dda588d5ab65c14eb7f93d2526.zip | |
The openssl command line tool treats the non-null terminated buffer
"mbuf" as a C string when using the pop3 s_client feature. This causes
a segmentation fault with malloc.conf option "J" set when BIO_printf()
runs off the end of the buffer. The following patch fixes PR 6282
from Matthew Haub (asked to submit upstream), ok djm
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/src/apps/s_client.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/lib/libssl/src/apps/s_client.c b/src/lib/libssl/src/apps/s_client.c index 70e7254a91..5bbad0e1e6 100644 --- a/src/lib/libssl/src/apps/s_client.c +++ b/src/lib/libssl/src/apps/s_client.c | |||
| @@ -1074,7 +1074,7 @@ SSL_set_tlsext_status_ids(con, ids); | |||
| 1074 | 1074 | ||
| 1075 | if (starttls_proto) | 1075 | if (starttls_proto) |
| 1076 | { | 1076 | { |
| 1077 | BIO_printf(bio_err,"%s",mbuf); | 1077 | BIO_write(bio_err, mbuf, mbuf_len); |
| 1078 | /* We don't need to know any more */ | 1078 | /* We don't need to know any more */ |
| 1079 | starttls_proto = PROTO_OFF; | 1079 | starttls_proto = PROTO_OFF; |
| 1080 | } | 1080 | } |