Fix race condition in ssl_parse_serverhello_tlsext
CVE-2014-3509 (Imported from upstream's 92aa73bcbfad44f9dd7997ae51537ac5d7dc201e) Change-Id: Ibc681897251081ae5ebfea0ff6ca9defd73fe0f5 Reviewed-on: https://boringssl-review.googlesource.com/1441 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
parent
0dccfbc6c7
commit
5ba06a7532
@ -2328,6 +2328,8 @@ static int ssl_scan_serverhello_tlsext(SSL *s, CBS *cbs, int *out_alert)
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (!s->hit)
|
||||
{
|
||||
if (!CBS_stow(&ec_point_format_list,
|
||||
&s->session->tlsext_ecpointformatlist,
|
||||
&s->session->tlsext_ecpointformatlist_length))
|
||||
@ -2336,6 +2338,7 @@ static int ssl_scan_serverhello_tlsext(SSL *s, CBS *cbs, int *out_alert)
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
}
|
||||
#endif /* OPENSSL_NO_EC */
|
||||
else if (type == TLSEXT_TYPE_session_ticket)
|
||||
{
|
||||
|
Loading…
Reference in New Issue
Block a user