Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Merge remote-tracking branch 'public/bug12227_024'

Nick Mathewson 11 years ago
parent
307aa7eb43 cca6198c77
commit
55c7a559df
2 changed files with 9 additions and 1 deletions
Split View Show Diff Stats
  1. 5 0
      changes/bug12227
  2. 4 1
      src/common/tortls.c

+ 5 - 0
changes/bug12227
View File 

@@ -0,0 +1,5 @@
 
+  o Minor bugfixes:
 
+    - Avoid an illegal read from stack when initializing the TLS
 
+      module using a version of OpenSSL without all of the ciphers
 
+      used by the v2 link handshake. Fixes bug 12227; bugfix on
 
+      0.2.4.8-alpha.  Found by "starlight".

+ 4 - 1
src/common/tortls.c
View File 

@@ -1477,10 +1477,13 @@ prune_v2_cipher_list(void)
 
 
   inp = outp = v2_cipher_list;
 
   while (*inp) {
 
-    unsigned char cipherid[2];
 
+    unsigned char cipherid[3];
 
     const SSL_CIPHER *cipher;
 
     /* Is there no better way to do this? */
 
     set_uint16(cipherid, htons(*inp));
 
+    cipherid[2] = 0; /* If ssl23_get_cipher_by_char finds no cipher starting
 
+                      * with a two-byte 'cipherid', it may look for a v2
 
+                      * cipher with the appropriate 3 bytes. */
 
     cipher = m->get_cipher_by_char(cipherid);
 
     if (cipher) {
 
       tor_assert((cipher->id & 0xffff) == *inp);