Security fixes brought forward from 0.9.7.

commit: 54a656ef081f72a740c550ebd8099b40b8b5cde0 [log] [tgz]
author: Ben Laurie <ben@openssl.org> Wed Nov 13 15:43:43 2002 +0000
committer: Ben Laurie <ben@openssl.org> Wed Nov 13 15:43:43 2002 +0000
tree: 9b3638b56848c7f0648b84cfa7ad056116b37a1b
parent: 8f797f14b8ff7d3d5cb04443284259a0c94860b3 [diff] [blame]
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index ac555c1..043eb02 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c

@@ -1349,7 +1349,7 @@
 			kn=0;
 			}
 
-		if (!BUF_MEM_grow(buf,n+4+kn))
+		if (!BUF_MEM_grow_clean(buf,n+4+kn))
 			{
 			SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_BUF);
 			goto err;
@@ -1522,7 +1522,7 @@
 				{
 				name=sk_X509_NAME_value(sk,i);
 				j=i2d_X509_NAME(name,NULL);
-				if (!BUF_MEM_grow(buf,4+n+j+2))
+				if (!BUF_MEM_grow_clean(buf,4+n+j+2))
 					{
 					SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,ERR_R_BUF_LIB);
 					goto err;
@@ -1883,7 +1883,7 @@
                 if (enc == NULL)
                     goto err;
 
-		memset(iv, 0, EVP_MAX_IV_LENGTH);	/* per RFC 1510 */
+		memset(iv, 0, sizeof iv);	/* per RFC 1510 */
 
 		if (!EVP_DecryptInit_ex(&ciph_ctx,enc,NULL,kssl_ctx->key,iv))
 			{
commit	54a656ef081f72a740c550ebd8099b40b8b5cde0	[log] [tgz]
author	Ben Laurie <ben@openssl.org>	Wed Nov 13 15:43:43 2002 +0000
committer	Ben Laurie <ben@openssl.org>	Wed Nov 13 15:43:43 2002 +0000
tree	9b3638b56848c7f0648b84cfa7ad056116b37a1b
parent	8f797f14b8ff7d3d5cb04443284259a0c94860b3 [diff] [blame]