Commit 4224bc0a authored by Paul Bakker

Prevent potential NULL pointer dereference in ssl_read_record()

parent 563ad026
......@@ -12,6 +12,8 @@ Security
This affects certificates in the user-supplied chain except the top
certificate. If the user-supplied chain contains only one certificates,
it is not affected (ie, its notAfter date is properly checked).
* Prevent potential NULL pointer dereference in ssl_read_record() (found by
TrustInSoft)
Bugfix
* The length of various ClientKeyExchange messages was not properly checked.
......
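Review bot: The new Security entry ("Prevent potential NULL pointer dereference in ssl_read_record()") does not say when the dereference can occur, which is what a reader of this section needs in order to judge exposure. Going by the guard added in the ssl_read_record() hunk, the condition is a handshake message being processed once ssl->state is SSL_HANDSHAKE_OVER; consider stating that in the entry, along with whether the peer can trigger it.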
......@@ -2087,7 +2087,8 @@ int ssl_read_record( ssl_context *ssl )
return( POLARSSL_ERR_SSL_INVALID_RECORD );
}
ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen );
if( ssl->state != SSL_HANDSHAKE_OVER )
ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen );
return( 0 );
}
......
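Review bot: The added guard `if( ssl->state != SSL_HANDSHAKE_OVER )` tests the connection state as a stand-in for the pointer that is actually dereferenced, so the update_checksum call is only safe if ssl->handshake is non-NULL in every other state. Consider testing the pointer itself as well, for example `ssl->handshake != NULL` alongside the state check, so the fix does not rest on that invariant, and add a short comment explaining why the checksum update is skipped once the handshake is over. (The unguarded call shown just above the guard is the removed line; the page rendering has dropped the +/- markers, and the 7-to-8 line count in the hunk header matches a one-line call being replaced by the two-line guarded form.)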