Added len_len error checking for internal cbb_buffer_add_u().

author doug <doug@openbsd.org>

Wed, 29 Apr 2015 01:39:32 +0000 (01:39 +0000)

committer doug <doug@openbsd.org>

Wed, 29 Apr 2015 01:39:32 +0000 (01:39 +0000)
author doug <doug@openbsd.org>
Wed, 29 Apr 2015 01:39:32 +0000 (01:39 +0000)
committer doug <doug@openbsd.org>
Wed, 29 Apr 2015 01:39:32 +0000 (01:39 +0000)
diff --git a/lib/libssl/bs_cbb.c b/lib/libssl/bs_cbb.c

index 5546fac..7f0e474 100644 (file)
--- a/lib/libssl/bs_cbb.c
+++ b/lib/libssl/bs_cbb.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: bs_cbb.c,v 1.5 2015/02/07 06:10:32 doug Exp $ */
+/*     $OpenBSD: bs_cbb.c,v 1.6 2015/04/29 01:39:32 doug Exp $ */
  /*
   * Copyright (c) 2014, Google Inc.
   *
@@ -127,6 +127,9 @@ cbb_buffer_add_u(struct cbb_buffer_st *base, uint32_t v, size_t len_len)
         if (len_len == 0)
                 return 1;
  
+       if (len_len > 4)
+               return 0;
+
         if (!cbb_buffer_add(base, &buf, len_len))
                 return 0;
  
diff --git a/lib/libssl/src/ssl/bs_cbb.c b/lib/libssl/src/ssl/bs_cbb.c

index 5546fac..7f0e474 100644 (file)
--- a/lib/libssl/src/ssl/bs_cbb.c
+++ b/lib/libssl/src/ssl/bs_cbb.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: bs_cbb.c,v 1.5 2015/02/07 06:10:32 doug Exp $ */
+/*     $OpenBSD: bs_cbb.c,v 1.6 2015/04/29 01:39:32 doug Exp $ */
  /*
   * Copyright (c) 2014, Google Inc.
   *
@@ -127,6 +127,9 @@ cbb_buffer_add_u(struct cbb_buffer_st *base, uint32_t v, size_t len_len)
         if (len_len == 0)
                 return 1;
  
+       if (len_len > 4)
+               return 0;
+
         if (!cbb_buffer_add(base, &buf, len_len))
                 return 0;
author	doug <doug@openbsd.org>
	Wed, 29 Apr 2015 01:39:32 +0000 (01:39 +0000)
committer	doug <doug@openbsd.org>
	Wed, 29 Apr 2015 01:39:32 +0000 (01:39 +0000)
lib/libssl/bs_cbb.c		patch \| blob \| history
lib/libssl/src/ssl/bs_cbb.c		patch \| blob \| history