Add extra checks for odd-length EC curve lists.

Odd-length lists should be rejected everywhere upon parsing. Nevertheless, be extra careful and add guards against off-by-one reads. Also, drive-by replace inexplicable double-negation with an explicit comparison. Reviewed-by: Matt Caswell <matt@openssl.org>
author: Emilia Kasper <emilia@openssl.org> 2014-12-01 16:55:55 +0100
committer: Emilia Kasper <emilia@openssl.org> 2014-12-05 18:24:54 +0100
commit: 533814c6b52b9beabe572dd428afc53732e4ce3f (patch)
tree: bc77e6b8802c6375f42b1d396d6caf00da0058f1 /ssl/ssl.h
parent: b32474a40ba3735f674c508795f92c4a5ebbe825 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/ssl/ssl.h b/ssl/ssl.h
index d526952e72..a5af6fca57 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -2688,6 +2688,7 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT		 274
 #define SSL_F_TLS1_ENC					 210
 #define SSL_F_TLS1_EXPORT_KEYING_MATERIAL		 314
+#define SSL_F_TLS1_GET_CURVELIST			 338
 #define SSL_F_TLS1_HEARTBEAT				 315
 #define SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT		 275
 #define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT		 276
author	Emilia Kasper <emilia@openssl.org>	2014-12-01 16:55:55 +0100
committer	Emilia Kasper <emilia@openssl.org>	2014-12-05 18:24:54 +0100
commit	533814c6b52b9beabe572dd428afc53732e4ce3f (patch)
tree	bc77e6b8802c6375f42b1d396d6caf00da0058f1 /ssl/ssl.h
parent	b32474a40ba3735f674c508795f92c4a5ebbe825 (diff)