diff options
author | Pauli <ppzgs1@gmail.com> | 2021-03-17 12:00:42 +1000 |
---|---|---|
committer | Pauli <ppzgs1@gmail.com> | 2021-03-18 21:19:15 +1000 |
commit | 3de7f014a985637361bdee775f78209300c88aae (patch) | |
tree | 3119256811e07608e3ae73640ad939a56928feea /ssl/statem | |
parent | 145f12d12dc83c737676883c625c2a95d34251ed (diff) |
ssl: fix coverity 1451515: out of bounds memory access
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14585)
Diffstat (limited to 'ssl/statem')
-rw-r--r-- | ssl/statem/statem_clnt.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index e7917be4fb..666ee43363 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -2767,6 +2767,7 @@ static int tls_construct_cke_psk_preamble(SSL *s, WPACKET *pkt) if (psklen > PSK_MAX_PSK_LEN) { SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, ERR_R_INTERNAL_ERROR); + psklen = PSK_MAX_PSK_LEN; /* Avoid overrunning the array on cleanse */ goto err; } else if (psklen == 0) { SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_PSK_IDENTITY_NOT_FOUND); |