CVE-2013-0169: Make CBC decoding constant time (cherry-picked from 2c082d25fc3f0dd6e56c45407fe10638b904083c) Bug: 8017911 Bug: 8095088 Change-Id: I57556e120fd1f585d38739d0d6aaf02bcbe45fbd

commit: fa75fdba32eae335f286afb1dc93ef1b5ec72615 [log] [tgz]
author: Brian Carlstrom <bdc@google.com> Fri Feb 01 23:44:05 2013 -0800
committer: Brian Carlstrom <bdc@google.com> Mon Feb 04 10:56:20 2013 -0800
tree: 6feddc5bf7c637ed8425aae362fecc235f66a030
parent: 4b0baa1ed0dba48c5f450864e0369c601040f84d [diff] [blame]
diff --git a/ssl/s3_both.c b/ssl/s3_both.c
index c8a7d18..c775cd8 100644
--- a/ssl/s3_both.c
+++ b/ssl/s3_both.c

@@ -263,7 +263,7 @@
 		goto f_err;
 		}
 
-	if (memcmp(p, s->s3->tmp.peer_finish_md, i) != 0)
+	if (CRYPTO_memcmp(p, s->s3->tmp.peer_finish_md, i) != 0)
 		{
 		al=SSL_AD_DECRYPT_ERROR;
 		SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_DIGEST_CHECK_FAILED);
commit	fa75fdba32eae335f286afb1dc93ef1b5ec72615	[log] [tgz]
author	Brian Carlstrom <bdc@google.com>	Fri Feb 01 23:44:05 2013 -0800
committer	Brian Carlstrom <bdc@google.com>	Mon Feb 04 10:56:20 2013 -0800
tree	6feddc5bf7c637ed8425aae362fecc235f66a030
parent	4b0baa1ed0dba48c5f450864e0369c601040f84d [diff] [blame]