diff options
author | Matt Caswell <matt@openssl.org> | 2016-09-10 21:24:40 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-09-22 09:28:07 +0100 |
commit | 63658103d4441924f8dbfc517b99bb54758a98b9 (patch) | |
tree | f20ce1722595ea6e7fae3a31b338564b1ba52096 /ssl/statem/statem_clnt.c | |
parent | 6d32c2ae28952b5c1d7a24968e488532fcadc51a (diff) |
Fix a hang with SSL_peek()
If while calling SSL_peek() we read an empty record then we go into an
infinite loop, continually trying to read data from the empty record and
never making any progress. This could be exploited by a malicious peer in
a Denial Of Service attack.
CVE-2016-6305
GitHub Issue #1563
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'ssl/statem/statem_clnt.c')
0 files changed, 0 insertions, 0 deletions