diff options
author | Ryan Sleevi <ryan.sleevi@gmail.com> | 2013-11-01 18:53:34 -0700 |
---|---|---|
committer | Ryan Sleevi <ryan.sleevi@gmail.com> | 2013-11-01 18:53:34 -0700 |
commit | bd5ef86d77fbd3d04053148731819d1b07df41a6 (patch) | |
tree | 3d66c610b815272dc8bb967969f85d410ef0b3d6 | |
parent | e670413d7b095bbae36fc3b102e117c198acafc6 (diff) | |
download | nss-hg-bd5ef86d77fbd3d04053148731819d1b07df41a6.tar.gz |
Bug 934016: Handle invalid handshake packets, r=wtcNSS_3_15_3_BETA3
-rw-r--r-- | lib/ssl/ssl3con.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c index f6bc62b96..f46a470de 100644 --- a/lib/ssl/ssl3con.c +++ b/lib/ssl/ssl3con.c @@ -819,6 +819,11 @@ static SECStatus Null_Cipher(void *ctx, unsigned char *output, int *outputLen, int maxOutputLen, const unsigned char *input, int inputLen) { + if (inputLen > maxOutputLen) { + *outputLen = 0; /* Match PK11_CipherOp in setting outputLen */ + PORT_SetError(SEC_ERROR_OUTPUT_LEN); + return SECFailure; + } *outputLen = inputLen; if (input != output) PORT_Memcpy(output, input, inputLen); |