From 0e48583e384b473bddadeed479e2ac76911814bc Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Sun, 22 Jun 2014 14:41:10 +0000
Subject: In BIO_get_port(), use strol() with appropriate range checks rather
 than an atoi() followed by an unsigned short cast. This stops things like
 "-1" and "66536" from being considered to be "valid" port numbers.

ok beck@ deraadt@
---
 src/lib/libcrypto/bio/bio_err.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src/lib/libcrypto/bio/bio_err.c')

diff --git a/src/lib/libcrypto/bio/bio_err.c b/src/lib/libcrypto/bio/bio_err.c
index e6bf958b6e..8307c1099f 100644
--- a/src/lib/libcrypto/bio/bio_err.c
+++ b/src/lib/libcrypto/bio/bio_err.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bio_err.c,v 1.14 2014/06/12 15:49:28 deraadt Exp $ */
+/* $OpenBSD: bio_err.c,v 1.15 2014/06/22 14:41:10 jsing Exp $ */
 /* ====================================================================
  * Copyright (c) 1999-2011 The OpenSSL Project.  All rights reserved.
  *
@@ -118,6 +118,7 @@ static ERR_STRING_DATA BIO_str_reasons[] = {
 	{ERR_REASON(BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET), "gethostbyname addr is not af inet"},
 	{ERR_REASON(BIO_R_INVALID_ARGUMENT)      , "invalid argument"},
 	{ERR_REASON(BIO_R_INVALID_IP_ADDRESS)    , "invalid ip address"},
+	{ERR_REASON(BIO_R_INVALID_PORT_NUMBER)   , "invalid port number"},
 	{ERR_REASON(BIO_R_IN_USE)                , "in use"},
 	{ERR_REASON(BIO_R_KEEPALIVE)             , "keepalive"},
 	{ERR_REASON(BIO_R_NBIO_CONNECT_ERROR)    , "nbio connect error"},
-- 
cgit v1.2.3-55-g6feb