Loading extra/yassl/src/handshake.cpp +5 −0 Original line number Diff line number Diff line Loading @@ -527,6 +527,11 @@ void ProcessOldClientHello(input_buffer& input, SSL& ssl) input.read(len, sizeof(len)); uint16 randomLen; ato16(len, randomLen); if (ch.suite_len_ > MAX_SUITE_SZ || sessionLen > ID_LEN || randomLen > RAN_LEN) { ssl.SetError(bad_input); return; } int j = 0; for (uint16 i = 0; i < ch.suite_len_; i += 3) { Loading extra/yassl/src/template_instnt.cpp +1 −0 Original line number Diff line number Diff line Loading @@ -101,6 +101,7 @@ template void ysArrayDelete<unsigned char>(unsigned char*); template void ysArrayDelete<char>(char*); template int min<int>(int, int); template uint16 min<uint16>(uint16, uint16); template unsigned int min<unsigned int>(unsigned int, unsigned int); template unsigned long min<unsigned long>(unsigned long, unsigned long); } Loading extra/yassl/src/yassl_imp.cpp +10 −1 Original line number Diff line number Diff line Loading @@ -621,6 +621,10 @@ void HandShakeHeader::Process(input_buffer& input, SSL& ssl) } uint len = c24to32(length_); if (len > input.get_remaining()) { ssl.SetError(bad_input); return; } hashHandShake(ssl, input, len); hs->set_length(len); Loading Loading @@ -1391,10 +1395,15 @@ input_buffer& operator>>(input_buffer& input, ClientHello& hello) // Suites byte tmp[2]; uint16 len; tmp[0] = input[AUTO]; tmp[1] = input[AUTO]; ato16(tmp, hello.suite_len_); ato16(tmp, len); hello.suite_len_ = min(len, static_cast<uint16>(MAX_SUITE_SZ)); input.read(hello.cipher_suites_, hello.suite_len_); if (len > hello.suite_len_) // ignore extra suites input.set_current(input.get_current() + len - hello.suite_len_); // Compression hello.comp_len_ = input[AUTO]; Loading Loading
extra/yassl/src/handshake.cpp +5 −0 Original line number Diff line number Diff line Loading @@ -527,6 +527,11 @@ void ProcessOldClientHello(input_buffer& input, SSL& ssl) input.read(len, sizeof(len)); uint16 randomLen; ato16(len, randomLen); if (ch.suite_len_ > MAX_SUITE_SZ || sessionLen > ID_LEN || randomLen > RAN_LEN) { ssl.SetError(bad_input); return; } int j = 0; for (uint16 i = 0; i < ch.suite_len_; i += 3) { Loading
extra/yassl/src/template_instnt.cpp +1 −0 Original line number Diff line number Diff line Loading @@ -101,6 +101,7 @@ template void ysArrayDelete<unsigned char>(unsigned char*); template void ysArrayDelete<char>(char*); template int min<int>(int, int); template uint16 min<uint16>(uint16, uint16); template unsigned int min<unsigned int>(unsigned int, unsigned int); template unsigned long min<unsigned long>(unsigned long, unsigned long); } Loading
extra/yassl/src/yassl_imp.cpp +10 −1 Original line number Diff line number Diff line Loading @@ -621,6 +621,10 @@ void HandShakeHeader::Process(input_buffer& input, SSL& ssl) } uint len = c24to32(length_); if (len > input.get_remaining()) { ssl.SetError(bad_input); return; } hashHandShake(ssl, input, len); hs->set_length(len); Loading Loading @@ -1391,10 +1395,15 @@ input_buffer& operator>>(input_buffer& input, ClientHello& hello) // Suites byte tmp[2]; uint16 len; tmp[0] = input[AUTO]; tmp[1] = input[AUTO]; ato16(tmp, hello.suite_len_); ato16(tmp, len); hello.suite_len_ = min(len, static_cast<uint16>(MAX_SUITE_SZ)); input.read(hello.cipher_suites_, hello.suite_len_); if (len > hello.suite_len_) // ignore extra suites input.set_current(input.get_current() + len - hello.suite_len_); // Compression hello.comp_len_ = input[AUTO]; Loading
