Bug#19370676 : YASSL PRE-AUTH BUFFER OVERFLOW WHEN CLIENT

LIES ABOUT SUITE_LEN_ and Bug#19355577 : YASSL PRE-AUTH BUFFER OVERFLOW WHEN CLIENT LIES ABOUT COMP_LEN_ Description : Updating yaSSL to version 2.3.4.
author: Harin Vadodaria <harin.vadodaria@oracle.com> 2014-08-23 08:59:03 +0530
committer: Harin Vadodaria <harin.vadodaria@oracle.com> 2014-08-23 08:59:03 +0530
commit: 6b1d25a3b366c73752fe02350f48f8449311e7ec (patch)
tree: 7e692646b16ed1d7255c950ef60f3400cf29cb9a /extra/yassl/include
parent: 63a6af328594a48b9ea930d17088c739a2ebe4c8 (diff)
download: mariadb-git-6b1d25a3b366c73752fe02350f48f8449311e7ec.tar.gz
2 files changed, 15 insertions, 5 deletions
diff --git a/extra/yassl/include/buffer.hpp b/extra/yassl/include/buffer.hpp
index 27f71199093..77d2ed8193c 100644
--- a/extra/yassl/include/buffer.hpp
+++ b/extra/yassl/include/buffer.hpp
@@ -1,5 +1,5 @@
 /*
-   Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -48,7 +48,11 @@ const uint AUTO = 0xFEEDBEEF;
 
 
 struct NoCheck {
-    void check(uint, uint);
+    int check(uint, uint);
+};
+
+struct Check {
+    int check(uint, uint);
 };
 
 /* input_buffer operates like a smart c style array with a checking option, 
@@ -60,11 +64,13 @@ struct NoCheck {
  * write to the buffer bulk wise and have the correct size
  */
 
-class input_buffer : public NoCheck {
+class input_buffer : public Check {
     uint   size_;                // number of elements in buffer
     uint   current_;             // current offset position in buffer
     byte*  buffer_;              // storage for buffer
     byte*  end_;                 // end of storage marker
+    int    error_;               // error number
+    byte   zero_;                // for returning const reference to zero byte
 public:
     input_buffer();
 
@@ -93,6 +99,10 @@ public:
 
     uint get_remaining() const;
 
+    int  get_error()     const;
+
+    void set_error();
+
     void set_current(uint i);
 
     // read only access through [], advance current
@@ -103,7 +113,7 @@ public:
     bool eof();
 
     // peek ahead
-    byte peek() const;
+    byte peek();
 
     // write function, should use at/near construction
     void assign(const byte* t, uint s);
diff --git a/extra/yassl/include/openssl/ssl.h b/extra/yassl/include/openssl/ssl.h
index d4226450660..993822d0ab0 100644
--- a/extra/yassl/include/openssl/ssl.h
+++ b/extra/yassl/include/openssl/ssl.h
@@ -35,7 +35,7 @@
 #include "rsa.h"
 
 
-#define YASSL_VERSION "2.3.0"
+#define YASSL_VERSION "2.3.4"
 
 
 #if defined(__cplusplus)
author	Harin Vadodaria <harin.vadodaria@oracle.com>	2014-08-23 08:59:03 +0530
committer	Harin Vadodaria <harin.vadodaria@oracle.com>	2014-08-23 08:59:03 +0530
commit	6b1d25a3b366c73752fe02350f48f8449311e7ec (patch)
tree	7e692646b16ed1d7255c950ef60f3400cf29cb9a /extra/yassl/include
parent	63a6af328594a48b9ea930d17088c739a2ebe4c8 (diff)
download	mariadb-git-6b1d25a3b366c73752fe02350f48f8449311e7ec.tar.gz