Suyu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2026-01-06 06:28:56 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Prevent potential NULL pointer dereference in ssl_read_record()

Browse source
This commit is contained in:
Paul Bakker 2014-04-08 14:36:50 +02:00
parent 563ad02663
commit 4224bc0a4f
2 changed files with 4 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
ChangeLog
View file

@ -12,6 +12,8 @@ Security
This affects certificates in the user-supplied chain except the top
certificate. If the user-supplied chain contains only one certificates,
it is not affected (ie, its notAfter date is properly checked).
* Prevent potential NULL pointer dereference in ssl_read_record() (found by
TrustInSoft)
Bugfix
* The length of various ClientKeyExchange messages was not properly checked.