mirror/openvpn-android
0
0
Fork 0
mirror of https://github.com/schwabe/ics-openvpn.git synced 2024-09-20 20:03:13 +02:00
Code

Add fix for upcoming CVE-2014-8104

Browse Source 
--HG--
extra : rebase_source : ec92418bc2616537f0e6d90eba6d2af0f6ef28ee
This commit is contained in:
Arne Schwabe 2014-12-01 10:43:26 +01:00
parent 9d7d218542
commit 764c6125ab
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
main/openvpn/src/openvpn/ssl.c
View File

@ -2036,7 +2036,11 @@ key_method_2_read (struct buffer *buf, struct tls_multi *multi, struct tls_sessi
ASSERT (session->opt->key_method == 2);
/* discard leading uint32 */
ASSERT (buf_advance (buf, 4));
if (!buf_advance (buf, 4)) {
msg (D_TLS_ERRORS, "TLS ERROR: Plaintext buffer too short (%d bytes).",
buf->len);
goto error;
}
/* get key method */
key_method_flags = buf_read_u8 (buf);