diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2012-01-04 18:54:17 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2012-01-04 18:54:17 +0000 |
commit | e643112dd8166ec64885d22b147ff17b206941b8 (patch) | |
tree | b46d901e298730458007386d1d3c996022fc9b43 /ssl/s3_enc.c | |
parent | 21c4b259598efe3ea8c834c1568e8b762be120c4 (diff) |
Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576)
Diffstat (limited to 'ssl/s3_enc.c')
-rw-r--r-- | ssl/s3_enc.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 1539a4ce1c..759231d9d4 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -479,6 +479,9 @@ int ssl3_enc(SSL *s, int send) /* we need to add 'i-1' padding bytes */ l+=i; + /* the last of these zero bytes will be overwritten + * with the padding length. */ + memset(&rec->input[rec->length], 0, i); rec->length+=i; rec->input[l-1]=(i-1); } |