backport fix from the stable branch

ChangeLog.0_9_7-stable_not-in-head

@@ -165,28 +165,6 @@ be added to the end of this file.
 
 	DES CFB8 test.
 
-2004-03-17 05:01  mark
-
-	Changed:
-		CHANGES (1.977.2.128), "Exp", lines: +9 -1
-		FAQ (1.61.2.30), "Exp", lines: +1 -1
-		LICENSE (1.7.2.3), "Exp", lines: +1 -1
-		NEWS (1.39.2.21), "Exp", lines: +8 -0
-		README (1.39.2.24), "Exp", lines: +2 -2
-		STATUS (1.211.2.41), "Exp", lines: +4 -1
-		openssl.spec (1.6.2.6), "Exp", lines: +1 -1
-		crypto/opensslv.h (1.40.2.21), "Exp", lines: +2 -2
-		ssl/s3_pkt.c (1.46.2.6), "Exp", lines: +8 -0
-		ssl/s3_srvr.c (1.85.2.20), "Exp", lines: +16 -0
-
-	Fix null-pointer assignment in do_change_cipher_spec() revealed by
-	using the Codenomicon TLS Test Tool (CAN-2004-0079) Fix flaw in
-	SSL/TLS handshaking when using Kerberos ciphersuites
-	(CAN-2004-0112) Ready for 0.9.7d build
-
-		Submitted by: Steven Henson Reviewed by: Joe Orton Approved
-	by: Mark Cox
-
 2004-05-12 16:11  ben
 
 	Changed:

ssl/s3_pkt.c

@@ -1087,6 +1087,14 @@ start:
 			goto f_err;
 			}
 
+		/* Check we have a cipher to change to */
+		if (s->s3->tmp.new_cipher == NULL)
+			{
+			al=SSL_AD_UNEXPECTED_MESSAGE;
+			SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY);
+			goto f_err;
+			}
+
 		rr->length=0;
 
 		if (s->msg_callback)

ssl/s3_srvr.c

@@ -1883,11 +1883,27 @@ int ssl3_get_client_key_exchange(SSL *s)
 
 		n2s(p,i);
 		enc_ticket.length = i;
+
+		if (n < enc_ticket.length + 6)
+			{
+			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+				SSL_R_DATA_LENGTH_TOO_LONG);
+			goto err;
+			}
+
 		enc_ticket.data = (char *)p;
 		p+=enc_ticket.length;
 
 		n2s(p,i);
 		authenticator.length = i;
+
+		if (n < enc_ticket.length + authenticator.length + 6)
+			{
+			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+				SSL_R_DATA_LENGTH_TOO_LONG);
+			goto err;
+			}
+
 		authenticator.data = (char *)p;
 		p+=authenticator.length;