1
0
mirror of git://projects.qi-hardware.com/openwrt-xburst.git synced 2024-11-24 18:31:53 +02:00
openwrt-xburst/package/openssl/patches/900-CVE-2009-1387.patch
nbd 0e35aadb53 openssl: add fixes for CVE-2009-1387 and CVE-2009-2409 (thx, puchu)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@19369 3c298f89-4303-0410-b956-a3cf2f4a3e73
2010-01-28 19:27:57 +00:00

54 lines
1.2 KiB
Diff

http://bugs.gentoo.org/270305
fix from upstream
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -585,30 +585,31 @@ dtls1_process_out_of_seq_message(SSL *s,
}
}
- frag = dtls1_hm_fragment_new(frag_len);
- if ( frag == NULL)
- goto err;
+ if (frag_len)
+ {
+ frag = dtls1_hm_fragment_new(frag_len);
+ if ( frag == NULL)
+ goto err;
- memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
+ memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
- if (frag_len)
- {
- /* read the body of the fragment (header has already been read */
+ /* read the body of the fragment (header has already been read) */
i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
frag->fragment,frag_len,0);
if (i<=0 || (unsigned long)i!=frag_len)
goto err;
- }
- pq_64bit_init(&seq64);
- pq_64bit_assign_word(&seq64, msg_hdr->seq);
+ pq_64bit_init(&seq64);
+ pq_64bit_assign_word(&seq64, msg_hdr->seq);
- item = pitem_new(seq64, frag);
- pq_64bit_free(&seq64);
- if ( item == NULL)
- goto err;
+ item = pitem_new(seq64, frag);
+ pq_64bit_free(&seq64);
+ if ( item == NULL)
+ goto err;
+
+ pqueue_insert(s->d1->buffered_messages, item);
+ }
- pqueue_insert(s->d1->buffered_messages, item);
return DTLS1_HM_FRAGMENT_RETRY;
err: