Diffstat (limited to 'main/gnutls/CVE-2012-1573.patch')
-rw-r--r--main/gnutls/CVE-2012-1573.patch27
1 files changed, 27 insertions, 0 deletions
diff --git a/main/gnutls/CVE-2012-1573.patch b/main/gnutls/CVE-2012-1573.patch
new file mode 100644
index 0000000000..4cd5fe9ff8
--- /dev/null
+++ b/main/gnutls/CVE-2012-1573.patch
@@ -0,0 +1,27 @@
+Description: Validate record size when parsing GenericBlockCipher structure
+Origin: backport, http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commit;h=422214868061370aeeb0ac9cd0f021a5c350a57d
+
+Index: gnutls26-2.10.5/lib/gnutls_cipher.c
+===================================================================
+--- gnutls26-2.10.5.orig/lib/gnutls_cipher.c 2012-04-04 04:17:33.902871139 -0500
++++ gnutls26-2.10.5/lib/gnutls_cipher.c 2012-04-04 04:17:56.666871679 -0500
+@@ -515,14 +515,13 @@
+ {
+ ciphertext.size -= blocksize;
+ ciphertext.data += blocksize;
+-
+- if (ciphertext.size == 0)
+- {
+- gnutls_assert ();
+- return GNUTLS_E_DECRYPTION_FAILED;
+- }
+ }
+
++ if (ciphertext.size < hash_size)
++ {
++ gnutls_assert ();
++ return GNUTLS_E_DECRYPTION_FAILED;
++ }
+ pad = ciphertext.data[ciphertext.size - 1] + 1; /* pad */
+
+ if ((int) pad > (int) ciphertext.size - hash_size)
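Review bot: The added guard `if (ciphertext.size < hash_size)` keeps the `ciphertext.data[ciphertext.size - 1]` read on the next line in bounds only while hash_size is at least 1, because the `ciphertext.size == 0` check this backport removes was the one that rejected an empty record outright. If hash_size can be 0 on this path (its value and type are set outside the hunk, so this is unconfirmed), a record that is empty after the IV block is skipped would make the index wrap. Keeping both conditions, `if (ciphertext.size == 0 || ciphertext.size < hash_size)`, makes the bound explicit at no cost. It is also worth confirming that ciphertext.size and hash_size share signedness, since the next test casts both sides to int, and adding a comment such as `/* reject records too short to hold the MAC before reading the pad byte */` above the check. The enclosing function starts and ends outside the hunk.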