Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / lk / refs/tags/FP3-REL-Q.3.A.0134 / . / lib / openssl / patches / secadv_20101116-2.patch
blob: cd13136aeedd799b36807ea062540ab9c75d885e [file] [log] [blame]
Kinson Chika8fa74c2011-07-29 11:33:41 -0700[diff] [blame]1--- openssl-1.0.0.orig/ssl/t1_lib.c 15 Jun 2010 17:25:15 -0000 1.64.2.14
2+++ openssl-1.0.0/ssl/t1_lib.c 15 Nov 2010 15:26:19 -0000
3@@ -714,14 +714,23 @@
4 switch (servname_type)
5 {
6 case TLSEXT_NAMETYPE_host_name:
7- if (s->session->tlsext_hostname == NULL)
8+ if (!s->hit)
9 {
10- if (len > TLSEXT_MAXLEN_host_name ||
11- ((s->session->tlsext_hostname = OPENSSL_malloc(len+1)) == NULL))
12+ if(s->session->tlsext_hostname)
13+ {
14+ *al = SSL_AD_DECODE_ERROR;
15+ return 0;
16+ }
17+ if (len > TLSEXT_MAXLEN_host_name)
18 {
19 *al = TLS1_AD_UNRECOGNIZED_NAME;
20 return 0;
21 }
22+ if ((s->session->tlsext_hostname = OPENSSL_malloc(len+1)) == NULL)
23+ {
24+ *al = TLS1_AD_INTERNAL_ERROR;
25+ return 0;
26+ }
27 memcpy(s->session->tlsext_hostname, sdata, len);
28 s->session->tlsext_hostname[len]='\0';
29 if (strlen(s->session->tlsext_hostname) != len) {
30@@ -734,7 +743,8 @@
31
32 }
33 else
34- s->servername_done = strlen(s->session->tlsext_hostname) == len
35+ s->servername_done = s->session->tlsext_hostname
36+ && strlen(s->session->tlsext_hostname) == len
37 && strncmp(s->session->tlsext_hostname, (char *)sdata, len) == 0;
38
39 break;
40@@ -765,15 +775,22 @@
41 *al = TLS1_AD_DECODE_ERROR;
42 return 0;
43 }
44- s->session->tlsext_ecpointformatlist_length = 0;
45- if (s->session->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->session->tlsext_ecpointformatlist);
46- if ((s->session->tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL)
47+ if (!s->hit)
48 {
49- *al = TLS1_AD_INTERNAL_ERROR;
50- return 0;
51+ if(s->session->tlsext_ecpointformatlist)
52+ {
53+ *al = TLS1_AD_DECODE_ERROR;
54+ return 0;
55+ }
56+ s->session->tlsext_ecpointformatlist_length = 0;
57+ if ((s->session->tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL)
58+ {
59+ *al = TLS1_AD_INTERNAL_ERROR;
60+ return 0;
61+ }
62+ s->session->tlsext_ecpointformatlist_length = ecpointformatlist_length;
63+ memcpy(s->session->tlsext_ecpointformatlist, sdata, ecpointformatlist_length);
64 }
65- s->session->tlsext_ecpointformatlist_length = ecpointformatlist_length;
66- memcpy(s->session->tlsext_ecpointformatlist, sdata, ecpointformatlist_length);
67 #if 0
68 fprintf(stderr,"ssl_parse_clienthello_tlsext s->session->tlsext_ecpointformatlist (length=%i) ", s->session->tlsext_ecpointformatlist_length);
69 sdata = s->session->tlsext_ecpointformatlist;
70@@ -794,15 +811,22 @@
71 *al = TLS1_AD_DECODE_ERROR;
72 return 0;
73 }
74- s->session->tlsext_ellipticcurvelist_length = 0;
75- if (s->session->tlsext_ellipticcurvelist != NULL) OPENSSL_free(s->session->tlsext_ellipticcurvelist);
76- if ((s->session->tlsext_ellipticcurvelist = OPENSSL_malloc(ellipticcurvelist_length)) == NULL)
77+ if (!s->hit)
78 {
79- *al = TLS1_AD_INTERNAL_ERROR;
80- return 0;
81+ if(s->session->tlsext_ellipticcurvelist)
82+ {
83+ *al = TLS1_AD_DECODE_ERROR;
84+ return 0;
85+ }
86+ s->session->tlsext_ellipticcurvelist_length = 0;
87+ if ((s->session->tlsext_ellipticcurvelist = OPENSSL_malloc(ellipticcurvelist_length)) == NULL)
88+ {
89+ *al = TLS1_AD_INTERNAL_ERROR;
90+ return 0;
91+ }
92+ s->session->tlsext_ellipticcurvelist_length = ellipticcurvelist_length;
93+ memcpy(s->session->tlsext_ellipticcurvelist, sdata, ellipticcurvelist_length);
94 }
95- s->session->tlsext_ellipticcurvelist_length = ellipticcurvelist_length;
96- memcpy(s->session->tlsext_ellipticcurvelist, sdata, ellipticcurvelist_length);
97 #if 0
98 fprintf(stderr,"ssl_parse_clienthello_tlsext s->session->tlsext_ellipticcurvelist (length=%i) ", s->session->tlsext_ellipticcurvelist_length);
99 sdata = s->session->tlsext_ellipticcurvelist;