AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix potential buffer overflow in suported_curves_ext

Browse Source
This commit is contained in:
Manuel Pégourié-Gonnard 2014-01-23 17:27:10 +01:00
parent 8505d50d4b
commit 8e205fc0bc
1 changed files with 1 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
library/ssl_cli.c
View File

@ -231,7 +231,7 @@ static void ssl_write_supported_elliptic_curves_ext( ssl_context *ssl,
size_t *olen )
{
unsigned char *p = buf;
unsigned char elliptic_curve_list[20];
unsigned char *elliptic_curve_list = p + 6;
size_t elliptic_curve_len = 0;
const ecp_curve_info *curve;
((void) ssl);
@ -260,8 +260,6 @@ static void ssl_write_supported_elliptic_curves_ext( ssl_context *ssl,
*p++ = (unsigned char)( ( ( elliptic_curve_len ) >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( ( elliptic_curve_len ) ) & 0xFF );
memcpy( p, elliptic_curve_list, elliptic_curve_len );
*olen = 6 + elliptic_curve_len;
}