wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix array bounds violation in ssl_session_dup

Browse source 
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6353)
This commit is contained in:
Bernd Edlinger 2018-05-25 08:06:55 +02:00
parent a0abb6a10f
commit 1bb829300a
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
ssl/ssl_sess.c
View file

@ -204,7 +204,8 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
if (src->ext.supportedgroups) {
dest->ext.supportedgroups =
OPENSSL_memdup(src->ext.supportedgroups,
src->ext.supportedgroups_len);
src->ext.supportedgroups_len
* sizeof(*src->ext.supportedgroups));
if (dest->ext.supportedgroups == NULL)
goto err;
}