Fix seg fault with 0 p val in SKE
If a client receives a ServerKeyExchange for an anon DH ciphersuite with the value of p set to 0 then a seg fault can occur. This commits adds a test to reject p, g and pub key parameters that have a 0 value (in accordance with RFC 5246) The security vulnerability only affects master and 1.0.2, but the fix is additionally applied to 1.0.1 for additional confidence. CVE-2015-1794 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
parent
870063c8
Please register or sign in to comment