diff options
author | bz <bz@FreeBSD.org> | 2012-05-03 15:25:11 +0000 |
---|---|---|
committer | bz <bz@FreeBSD.org> | 2012-05-03 15:25:11 +0000 |
commit | 48f59d28b651092680a3d14a183ef5b108f766c9 (patch) | |
tree | 308fed307a1a34ef05a861d58b6041099cb0b373 /crypto/openssl/ssl/s3_enc.c | |
parent | fa4352cd7f9cb0b62893271a3cdaba1079e3013c (diff) | |
download | FreeBSD-src-48f59d28b651092680a3d14a183ef5b108f766c9.zip FreeBSD-src-48f59d28b651092680a3d14a183ef5b108f766c9.tar.gz |
Fix multiple OpenSSL vulnerabilities.
Security: CVE-2011-4576, CVE-2011-4619, CVE-2011-4109
Security: CVE-2012-0884, CVE-2012-2110
Security: FreeBSD-SA-12:01.openssl
Approved by: so (bz,simon)
Diffstat (limited to 'crypto/openssl/ssl/s3_enc.c')
-rw-r--r-- | crypto/openssl/ssl/s3_enc.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/crypto/openssl/ssl/s3_enc.c b/crypto/openssl/ssl/s3_enc.c index 1539a4c..759231d 100644 --- a/crypto/openssl/ssl/s3_enc.c +++ b/crypto/openssl/ssl/s3_enc.c @@ -479,6 +479,9 @@ int ssl3_enc(SSL *s, int send) /* we need to add 'i-1' padding bytes */ l+=i; + /* the last of these zero bytes will be overwritten + * with the padding length. */ + memset(&rec->input[rec->length], 0, i); rec->length+=i; rec->input[l-1]=(i-1); } |