Package: gnutls26 / 2.12.20-8+deb7u5

36_sanitycheck.diff Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
From 5164d5a1d57cd0372a5dd074382ca960ca18b27d Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu, 23 May 2013 09:54:37 +0200
Subject: [PATCH 3/3] re-applied sanity check patch

---
 lib/gnutls_cipher.c |    2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c
index 2835121..71f5a98 100644
--- a/lib/gnutls_cipher.c
+++ b/lib/gnutls_cipher.c
@@ -561,6 +561,8 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
           return GNUTLS_E_DECRYPTION_FAILED;
         }
       pad = ciphertext.data[ciphertext.size - 1];   /* pad */
+      if (pad+1 > ciphertext.size-hash_size)
+        pad_failed = GNUTLS_E_DECRYPTION_FAILED;
 
       /* Check the pading bytes (TLS 1.x). 
        * Note that we access all 256 bytes of ciphertext for padding check
-- 
1.7.10.4