diff options
author | Matt Caswell <matt@openssl.org> | 2015-04-28 15:28:23 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-04-30 23:12:39 +0100 |
commit | cb0f400b0cea2d2943f99b1e89c04ff6ed748cd5 (patch) | |
tree | fd42bbb109132bccf101826d57c6e574f7dc9e90 /ssl | |
parent | c427570e5098e120cbcb66e799f85c317aac7b91 (diff) | |
download | openssl-cb0f400b0cea2d2943f99b1e89c04ff6ed748cd5.tar.gz |
Add sanity check to ssl_get_prev_session
Sanity check the |len| parameter to ensure it is positive. Thanks to Kevin
Wojtysiak (Int3 Solutions) and Paramjot Oberoi (Int3 Solutions) for
reporting this issue.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/ssl_sess.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index cec5905291..34b6fac2bc 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -439,7 +439,7 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len, int r; #endif - if (len > SSL_MAX_SSL_SESSION_ID_LENGTH) + if (len < 0 || len > SSL_MAX_SSL_SESSION_ID_LENGTH) goto err; if (session_id + len > limit) { |