diff options
| -rw-r--r-- | CHANGES | 8 | ||||
| -rw-r--r-- | ssl/d1_enc.c | 2 |
2 files changed, 9 insertions, 1 deletions
@@ -4,6 +4,14 @@ Changes between 0.9.8w and 0.9.8x [xx XXX xxxx] + *) Sanity check record length before skipping explicit IV in DTLS + to fix DoS attack. + + Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic + fuzzing as a service testing platform. + (CVE-2012-2333) + [Steve Henson] + *) Initialise tkeylen properly when encrypting CMS messages. Thanks to Solar Designer of Openwall for reporting this issue. [Steve Henson] diff --git a/ssl/d1_enc.c b/ssl/d1_enc.c index bb96c8a20c..baa75f9186 100644 --- a/ssl/d1_enc.c +++ b/ssl/d1_enc.c @@ -249,7 +249,7 @@ int dtls1_enc(SSL *s, int send) } /* TLS 1.0 does not bound the number of padding bytes by the block size. * All of them must have value 'padding_length'. */ - if (i > (int)rec->length) + if (i + bs > (int)rec->length) { /* Incorrect padding. SSLerr() and ssl3_alert are done * by caller: we don't want to reveal whether this is |