Commit cb0f400b, authored by Matt Caswell

Add sanity check to ssl_get_prev_session

Sanity check the |len| parameter to ensure it is positive. Thanks to Kevin
Wojtysiak (Int3 Solutions) and Paramjot Oberoi (Int3 Solutions) for
reporting this issue.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Parent c427570e
...@@ -439,7 +439,7 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len, ...@@ -439,7 +439,7 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
int r; int r;
#endif #endif
if (len > SSL_MAX_SSL_SESSION_ID_LENGTH) if (len < 0 || len > SSL_MAX_SSL_SESSION_ID_LENGTH)
goto err; goto err;
if (session_id + len > limit) { if (session_id + len > limit) {
......
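Review bot: The new `len < 0` test on the changed line has no comment saying why a negative value must be rejected, and the reason is not obvious from the condition alone. Because `len` is a signed `int` in the signature, a negative value passes the old `len > SSL_MAX_SSL_SESSION_ID_LENGTH` test and then makes `session_id + len` in the following context line point before `session_id`, so `session_id + len > limit` does not catch it either. A one-line comment above the check stating this would help future readers. Now that `len` is known to be in range, the next check could also be written as a length comparison (for example `len > limit - session_id`, assuming `limit` marks the end of the same buffer) so that no out-of-range pointer is formed before it is tested. Longer term, taking the length as an unsigned type would remove the negative case at the interface.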