From 7a8cd58f68a937ddb56162d7c0f31ab797c69d8a Mon Sep 17 00:00:00 2001 From: Doug Hogan Date: Fri, 31 Jul 2015 00:35:07 +0000 Subject: Fix SRTP parsing. jsing@ noticed that during the CBS conversion, an extra CBS_len comparison was introduced. It should be 0 after extracting MKI. ok jsing@ bcook@ deraadt@ --- lib/libssl/d1_srtp.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'lib') diff --git a/lib/libssl/d1_srtp.c b/lib/libssl/d1_srtp.c index 2974691e3c6..45ce5b8d3eb 100644 --- a/lib/libssl/d1_srtp.c +++ b/lib/libssl/d1_srtp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_srtp.c,v 1.14 2015/07/17 17:36:24 doug Exp $ */ +/* $OpenBSD: d1_srtp.c,v 1.15 2015/07/31 00:35:06 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -313,8 +313,7 @@ ssl_parse_clienthello_use_srtp_ext(SSL *s, const unsigned char *d, int len, CBS_init(&cbs, d, len); /* Pull off the cipher suite list */ if (!CBS_get_u16_length_prefixed(&cbs, &ciphers) || - CBS_len(&ciphers) % 2 || - CBS_len(&cbs) != 0) { + CBS_len(&ciphers) % 2) { SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); *al = SSL_AD_DECODE_ERROR; -- cgit v1.2.3