svn commit: r265986 - stable/10/crypto/openssl/ssl
Andrey Chernov
ache at freebsd.org
Tue May 13 23:36:56 UTC 2014
On 14.05.2014 3:19, Xin LI wrote:
> Author: delphij
> Date: Tue May 13 23:19:16 2014
> New Revision: 265986
> URL: http://svnweb.freebsd.org/changeset/base/265986
>
> Log:
> Fix OpenSSL NULL pointer deference vulnerability.
>
> Obtained from: OpenBSD
> Security: FreeBSD-SA-14:09.openssl
> Security: CVE-2014-0198
Official fix is a bit different:
https://github.com/openssl/openssl/commit/b107586c0c3447ea22dba8698ebbcd81bb29d48c
from
https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321
Do we follow official branch or OpenBSD fixes?
>
> Modified:
> stable/10/crypto/openssl/ssl/s3_pkt.c
>
> Modified: stable/10/crypto/openssl/ssl/s3_pkt.c
> ==============================================================================
> --- stable/10/crypto/openssl/ssl/s3_pkt.c Tue May 13 23:17:24 2014 (r265985)
> +++ stable/10/crypto/openssl/ssl/s3_pkt.c Tue May 13 23:19:16 2014 (r265986)
> @@ -657,6 +657,10 @@ static int do_ssl3_write(SSL *s, int typ
> if (i <= 0)
> return(i);
> /* if it went, fall through and send more stuff */
> + /* we may have released our buffer, so get it again */
> + if (wb->buf == NULL)
> + if (!ssl3_setup_write_buffer(s))
> + return -1;
> }
>
> if (len == 0 && !create_empty_fragment)
>
--
http://ache.vniz.net/
More information about the svn-src-stable-10
mailing list