Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE
mbedtls.17788
mbedtls-CVE-2021-35409.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File mbedtls-CVE-2021-35409.patch of Package mbedtls.17788
diff -Nurp mbedtls-2.16.9-orig/library/ssl_tls.c mbedtls-2.16.9/library/ssl_tls.c --- mbedtls-2.16.9-orig/library/ssl_tls.c 2020-12-10 13:54:15.000000000 +0100 +++ mbedtls-2.16.9/library/ssl_tls.c 2022-12-21 13:59:19.701121753 +0100 @@ -3997,11 +3997,11 @@ static int ssl_check_dtls_clihlo_cookie( } sid_len = in[59]; - if( sid_len > in_len - 61 ) + if( 59 + 1 + sid_len + 1 > in_len ) return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); cookie_len = in[60 + sid_len]; - if( cookie_len > in_len - 60 ) + if( 59 + 1 + sid_len + 1 + cookie_len > in_len ) return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); if( f_cookie_check( p_cookie, in + sid_len + 61, cookie_len,
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor