Merge mysql.com:/data0/mysqldev/my/mysql-5.0-release

into mysql.com:/data0/mysqldev/users/serg/mysql-5.0-release
author: serg/mysqldev@janus.mylan/production.mysql.com <> 2008-01-11 13:45:20 +0100
committer: serg/mysqldev@janus.mylan/production.mysql.com <> 2008-01-11 13:45:20 +0100
commit: c8bbc6ab1efb35cb192ba57999ae1b85fe281331 (patch)
tree: 9128b2c11ff3d783634c4017a59ec216fe9479b1 /extra/yassl/src/handshake.cpp
parent: fb8cceb06e926bddf1e342646b8481a85996c637 (diff)
parent: 1cb6ad3c8c0cd11f2d3f5dc74d1459223013939f (diff)
download: mariadb-git-c8bbc6ab1efb35cb192ba57999ae1b85fe281331.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/extra/yassl/src/handshake.cpp b/extra/yassl/src/handshake.cpp
index 1d5a95820bb..262b5cb3b8b 100644
--- a/extra/yassl/src/handshake.cpp
+++ b/extra/yassl/src/handshake.cpp
@@ -527,6 +527,11 @@ void ProcessOldClientHello(input_buffer& input, SSL& ssl)
     input.read(len, sizeof(len));
     uint16 randomLen;
     ato16(len, randomLen);
+    if (ch.suite_len_ > MAX_SUITE_SZ || sessionLen > ID_LEN ||
+        randomLen > RAN_LEN) {
+        ssl.SetError(bad_input);
+        return;
+    }
 
     int j = 0;
     for (uint16 i = 0; i < ch.suite_len_; i += 3) {
author	serg/mysqldev@janus.mylan/production.mysql.com <>	2008-01-11 13:45:20 +0100
committer	serg/mysqldev@janus.mylan/production.mysql.com <>	2008-01-11 13:45:20 +0100
commit	c8bbc6ab1efb35cb192ba57999ae1b85fe281331 (patch)
tree	9128b2c11ff3d783634c4017a59ec216fe9479b1 /extra/yassl/src/handshake.cpp
parent	fb8cceb06e926bddf1e342646b8481a85996c637 (diff)
parent	1cb6ad3c8c0cd11f2d3f5dc74d1459223013939f (diff)
download	mariadb-git-c8bbc6ab1efb35cb192ba57999ae1b85fe281331.tar.gz