diff options
author | Ryan Sleevi <ryan.sleevi@gmail.com> | 2013-11-09 18:37:03 +0100 |
---|---|---|
committer | Ryan Sleevi <ryan.sleevi@gmail.com> | 2013-11-09 18:37:03 +0100 |
commit | bb35fcc53629adc50f560c6e404223fbe39f9a23 (patch) | |
tree | e88883b36c6d6404ad4a2b1d3be4b2d5c6e6c3c5 | |
parent | 9a0d82155fe4c7220e1d4152551cee44f6229cb2 (diff) | |
download | nss-hg-bb35fcc53629adc50f560c6e404223fbe39f9a23.tar.gz |
Bug 934016: Handle invalid handshake packets, r=wtc
-rw-r--r-- | security/nss/lib/ssl/ssl3con.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c index e69d4051f..aee499ad9 100644 --- a/security/nss/lib/ssl/ssl3con.c +++ b/security/nss/lib/ssl/ssl3con.c @@ -740,6 +740,11 @@ static SECStatus Null_Cipher(void *ctx, unsigned char *output, int *outputLen, int maxOutputLen, const unsigned char *input, int inputLen) { + if (inputLen > maxOutputLen) { + *outputLen = 0; /* Match PK11_CipherOp in setting outputLen */ + PORT_SetError(SEC_ERROR_OUTPUT_LEN); + return SECFailure; + } *outputLen = inputLen; if (input != output) PORT_Memcpy(output, input, inputLen); |