Add extra checks for odd-length EC curve lists.

Odd-length lists should be rejected everywhere upon parsing. Nevertheless, be extra careful and add guards against off-by-one reads. Also, drive-by replace inexplicable double-negation with an explicit comparison. Reviewed-by: Matt Caswell <matt@openssl.org>
author: Emilia Kasper <emilia@openssl.org> 2014-12-01 16:55:55 +0100
committer: Emilia Kasper <emilia@openssl.org> 2014-12-05 16:57:58 +0100
commit: 740580c2b2b86c2ffdc4a2d36850248c6091d6a0 (patch)
tree: 11c23fecf622c487754f9481d5fcf3fb41613f8f /ssl/ssl.h
parent: 33d5ba862939ff8db70a9e36fc9a326fab3e8d98 (diff)
download: openssl-740580c2b2b86c2ffdc4a2d36850248c6091d6a0.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 388d4005c1..61c9890538 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -2727,6 +2727,7 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT		 274
 #define SSL_F_TLS1_ENC					 210
 #define SSL_F_TLS1_EXPORT_KEYING_MATERIAL		 314
+#define SSL_F_TLS1_GET_CURVELIST			 338
 #define SSL_F_TLS1_HEARTBEAT				 315
 #define SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT		 275
 #define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT		 276
author	Emilia Kasper <emilia@openssl.org>	2014-12-01 16:55:55 +0100
committer	Emilia Kasper <emilia@openssl.org>	2014-12-05 16:57:58 +0100
commit	740580c2b2b86c2ffdc4a2d36850248c6091d6a0 (patch)
tree	11c23fecf622c487754f9481d5fcf3fb41613f8f /ssl/ssl.h
parent	33d5ba862939ff8db70a9e36fc9a326fab3e8d98 (diff)
download	openssl-740580c2b2b86c2ffdc4a2d36850248c6091d6a0.tar.gz