aboutsummaryrefslogtreecommitdiffstats
path: root/crypto/openssl/ssl/ssl_lib.c
diff options
context:
space:
mode:
authorColin Percival <cperciva@FreeBSD.org>2006-09-28 13:06:23 +0000
committerColin Percival <cperciva@FreeBSD.org>2006-09-28 13:06:23 +0000
commit30a6ffb3330a4ce39d12906a7dda5c4d9ed91dc3 (patch)
treedd781c2038cbc6db2809f44aae4144784fa53814 /crypto/openssl/ssl/ssl_lib.c
parentb55396780782c474e291f8557a14c033f4c6941d (diff)
downloadsrc-30a6ffb3330a4ce39d12906a7dda5c4d9ed91dc3.tar.gz
src-30a6ffb3330a4ce39d12906a7dda5c4d9ed91dc3.zip
Correct multiple vulnerabilities in crypto(3).
Limit the size of public keys used in order to protect applications from a denial of service via insane key sizes. Security: FreeBSD-SA-06:23.openssl Approved by: so (cperciva)
Notes
Notes: svn path=/releng/4.11/; revision=162724
Diffstat (limited to 'crypto/openssl/ssl/ssl_lib.c')
-rw-r--r--crypto/openssl/ssl/ssl_lib.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/openssl/ssl/ssl_lib.c b/crypto/openssl/ssl/ssl_lib.c
index ee9a82d5860d..33e089dc0164 100644
--- a/crypto/openssl/ssl/ssl_lib.c
+++ b/crypto/openssl/ssl/ssl_lib.c
@@ -1166,7 +1166,7 @@ char *SSL_get_shared_ciphers(SSL *s,char *buf,int len)
c=sk_SSL_CIPHER_value(sk,i);
for (cp=c->name; *cp; )
{
- if (len-- == 0)
+ if (len-- <= 0)
{
*p='\0';
return(buf);