aboutsummaryrefslogtreecommitdiffstats
path: root/crypto/openssl/ssl/s3_srvr.c
diff options
context:
space:
mode:
authorJacques Vidrine <nectar@FreeBSD.org>2004-04-02 01:11:21 +0000
committerJacques Vidrine <nectar@FreeBSD.org>2004-04-02 01:11:21 +0000
commit2c1f04b98265bc99c7ea96fac543f425bc585ca0 (patch)
tree8adc277b9bb0584b1a7f80b28e118e683e5b12be /crypto/openssl/ssl/s3_srvr.c
parentb4a40edb7bd745feffcce8aa715cb15f562a0a3f (diff)
downloadsrc-2c1f04b98265bc99c7ea96fac543f425bc585ca0.tar.gz
src-2c1f04b98265bc99c7ea96fac543f425bc585ca0.zip
MFC OpenSSL 0.9.7d.
Notes
Notes: svn path=/stable/4/; revision=127738
Diffstat (limited to 'crypto/openssl/ssl/s3_srvr.c')
-rw-r--r--crypto/openssl/ssl/s3_srvr.c19
1 files changed, 18 insertions, 1 deletions
diff --git a/crypto/openssl/ssl/s3_srvr.c b/crypto/openssl/ssl/s3_srvr.c
index 881f68b99891..deb3cffabeb5 100644
--- a/crypto/openssl/ssl/s3_srvr.c
+++ b/crypto/openssl/ssl/s3_srvr.c
@@ -121,9 +121,10 @@
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
+#ifndef OPENSSL_NO_KRB5
#include <openssl/krb5_asn.h>
+#endif
#include <openssl/md5.h>
-#include "cryptlib.h"
static SSL_METHOD *ssl3_get_server_method(int ver);
static int ssl3_get_client_hello(SSL *s);
@@ -1587,11 +1588,27 @@ static int ssl3_get_client_key_exchange(SSL *s)
n2s(p,i);
enc_ticket.length = i;
+
+ if (n < enc_ticket.length + 6)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_DATA_LENGTH_TOO_LONG);
+ goto err;
+ }
+
enc_ticket.data = (char *)p;
p+=enc_ticket.length;
n2s(p,i);
authenticator.length = i;
+
+ if (n < enc_ticket.length + authenticator.length + 6)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_DATA_LENGTH_TOO_LONG);
+ goto err;
+ }
+
authenticator.data = (char *)p;
p+=authenticator.length;