PR: 2739 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Fix padding bugs in Heartbeat support.

commit: 57cb030cea44691b54b8d0df64caa764b8583358 [log] [tgz]
author: Dr. Stephen Henson <steve@openssl.org> Mon Feb 27 16:38:24 2012 +0000
committer: Dr. Stephen Henson <steve@openssl.org> Mon Feb 27 16:38:24 2012 +0000
tree: 4a293b523b37f2838fdd36656198943a98a481bc
parent: d441e6d8db7220d0cd3d56d961d0a5195619baa9 [diff]
diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index b96e34f..5c47c7c 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c

@@ -1422,8 +1422,9 @@
 		*bp++ = TLS1_HB_RESPONSE;
 		s2n(payload, bp);
 		memcpy(bp, pl, payload);
+		bp += payload;
 		/* Random padding */
-		RAND_pseudo_bytes(p, padding);
+		RAND_pseudo_bytes(bp, padding);
 
 		r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, 3 + payload + padding);
 

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index f2e6b7c..9c76da1 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c

@@ -2467,7 +2467,10 @@
 		*bp++ = TLS1_HB_RESPONSE;
 		s2n(payload, bp);
 		memcpy(bp, pl, payload);
-		
+		bp += payload;
+		/* Random padding */
+		RAND_pseudo_bytes(bp, padding);
+
 		r = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, 3 + payload + padding);
 
 		if (r >= 0 && s->msg_callback)
commit	57cb030cea44691b54b8d0df64caa764b8583358	[log] [tgz]
author	Dr. Stephen Henson <steve@openssl.org>	Mon Feb 27 16:38:24 2012 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	Mon Feb 27 16:38:24 2012 +0000
tree	4a293b523b37f2838fdd36656198943a98a481bc
parent	d441e6d8db7220d0cd3d56d961d0a5195619baa9 [diff]