Fix multiple OpenSSL vulnerabilities.

Security: CVE-2011-4576, CVE-2011-4619, CVE-2011-4109 Security: CVE-2012-0884, CVE-2012-2110 Security: FreeBSD-SA-12:01.openssl Approved by: so (bz,simon)
author: bz <bz@FreeBSD.org> 2012-05-03 15:25:11 +0000
committer: bz <bz@FreeBSD.org> 2012-05-03 15:25:11 +0000
commit: 48f59d28b651092680a3d14a183ef5b108f766c9 (patch)
tree: 308fed307a1a34ef05a861d58b6041099cb0b373 /crypto/openssl/ssl/s3_enc.c
parent: fa4352cd7f9cb0b62893271a3cdaba1079e3013c (diff)
download: FreeBSD-src-48f59d28b651092680a3d14a183ef5b108f766c9.zip
FreeBSD-src-48f59d28b651092680a3d14a183ef5b108f766c9.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/crypto/openssl/ssl/s3_enc.c b/crypto/openssl/ssl/s3_enc.c
index 1539a4c..759231d 100644
--- a/crypto/openssl/ssl/s3_enc.c
+++ b/crypto/openssl/ssl/s3_enc.c
@@ -479,6 +479,9 @@ int ssl3_enc(SSL *s, int send)
 
 			/* we need to add 'i-1' padding bytes */
 			l+=i;
+			/* the last of these zero bytes will be overwritten
+			 * with the padding length. */
+			memset(&rec->input[rec->length], 0, i);
 			rec->length+=i;
 			rec->input[l-1]=(i-1);
 			}
author	bz <bz@FreeBSD.org>	2012-05-03 15:25:11 +0000
committer	bz <bz@FreeBSD.org>	2012-05-03 15:25:11 +0000
commit	48f59d28b651092680a3d14a183ef5b108f766c9 (patch)
tree	308fed307a1a34ef05a861d58b6041099cb0b373 /crypto/openssl/ssl/s3_enc.c
parent	fa4352cd7f9cb0b62893271a3cdaba1079e3013c (diff)
download	FreeBSD-src-48f59d28b651092680a3d14a183ef5b108f766c9.zip FreeBSD-src-48f59d28b651092680a3d14a183ef5b108f766c9.tar.gz