Add sanity check to ssl_get_prev_session
Sanity check the |len| parameter to ensure it is positive. Thanks to Kevin
Wojtysiak (Int3 Solutions) and Paramjot Oberoi (Int3 Solutions) for
reporting this issue.
Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit cb0f400b0c
)
This commit is contained in:
parent
75862f7741
commit
9c5efc9c65
1 changed files with 1 additions and 1 deletions
|
@ -449,7 +449,7 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
|
|||
int r;
|
||||
#endif
|
||||
|
||||
if (len > SSL_MAX_SSL_SESSION_ID_LENGTH)
|
||||
if (len < 0 || len > SSL_MAX_SSL_SESSION_ID_LENGTH)
|
||||
goto err;
|
||||
|
||||
if (session_id + len > limit) {
|
||||
|
|
Loading…
Reference in a new issue