aboutsummaryrefslogtreecommitdiffstats
path: root/main/gnutls/cve-2012-1573.patch
diff options
context:
space:
mode:
Diffstat (limited to 'main/gnutls/cve-2012-1573.patch')
-rw-r--r--main/gnutls/cve-2012-1573.patch22
1 files changed, 22 insertions, 0 deletions
diff --git a/main/gnutls/cve-2012-1573.patch b/main/gnutls/cve-2012-1573.patch
new file mode 100644
index 0000000000..b377c391c2
--- /dev/null
+++ b/main/gnutls/cve-2012-1573.patch
@@ -0,0 +1,22 @@
+--- ./lib/gnutls_cipher.c.orig
++++ ./lib/gnutls_cipher.c
+@@ -515,14 +515,13 @@
+ {
+ ciphertext.size -= blocksize;
+ ciphertext.data += blocksize;
+-
+- if (ciphertext.size == 0)
+- {
+- gnutls_assert ();
+- return GNUTLS_E_DECRYPTION_FAILED;
+- }
+ }
+
++ if (ciphertext.size < hash_size)
++ {
++ gnutls_assert ();
++ return GNUTLS_E_DECRYPTION_FAILED;
++ }
+ pad = ciphertext.data[ciphertext.size - 1] + 1; /* pad */
+
+ if ((int) pad > (int) ciphertext.size - hash_size)