kris
/
boringssl
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Additional CVE-2014-0224 protection. 

Return a fatal error if an attempt is made to use a zero length
master secret.

(Imported from upstream's 9d2c9dd1e1)
kris/onging/CECPQ3_patch15
Adam Langley 10 years ago
parent
895780572b
commit
ec48ffc1fe
1 changed files with 1 additions and 1 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -1
      ssl/s3_pkt.c

+ 1
- 1
ssl/s3_pkt.c View File

@@ -1458,7 +1458,7 @@ int ssl3_do_change_cipher_spec(SSL *s)


if (s->s3->tmp.key_block == NULL) if (s->s3->tmp.key_block == NULL)
{ {
if (s->session == NULL)
if (s->session == NULL || s->session->master_key_length == 0)
{ {
/* might happen if dtls1_read_bytes() calls this */ /* might happen if dtls1_read_bytes() calls this */
OPENSSL_PUT_ERROR(SSL, ssl3_do_change_cipher_spec, SSL_R_CCS_RECEIVED_EARLY); OPENSSL_PUT_ERROR(SSL, ssl3_do_change_cipher_spec, SSL_R_CCS_RECEIVED_EARLY);


Write Preview
Loading…
Cancel
Save