diff options
author | Lutz Jänicke <jaenicke@openssl.org> | 2002-07-30 13:04:04 +0000 |
---|---|---|
committer | Lutz Jänicke <jaenicke@openssl.org> | 2002-07-30 13:04:04 +0000 |
commit | c046fffa16cd55c972f71c49051b8ce6b83eed7f (patch) | |
tree | f88e3f90a37215466511661e101da6882f8c0836 /ssl/ssl_sess.c | |
parent | 3aecef76973dbea037ec4e1ceba7ec1bd3fb683a (diff) |
OpenSSL Security Advisory [30 July 2002]
Changes marked "(CHATS)" were sponsored by the Defense Advanced
Research Projects Agency (DARPA) and Air Force Research Laboratory,
Air Force Materiel Command, USAF, under agreement number
F30602-01-2-0537.
Diffstat (limited to 'ssl/ssl_sess.c')
-rw-r--r-- | ssl/ssl_sess.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 6424f775e2..8bfc382bb6 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -60,6 +60,7 @@ #include <openssl/lhash.h> #include <openssl/rand.h> #include "ssl_locl.h" +#include "cryptlib.h" static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s); static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s); @@ -250,6 +251,7 @@ int ssl_get_new_session(SSL *s, int session) ss->session_id_length=0; } + die(s->sid_ctx_length <= sizeof ss->sid_ctx); memcpy(ss->sid_ctx,s->sid_ctx,s->sid_ctx_length); ss->sid_ctx_length=s->sid_ctx_length; s->session=ss; |