commit | 8f12296e2356a0daf751cbc00aed14d4c31a2476 | [log] [tgz] |
---|---|---|
author | Dr. Stephen Henson <steve@openssl.org> | Fri Mar 03 02:44:18 2017 +0000 |
committer | Dr. Stephen Henson <steve@openssl.org> | Fri Mar 03 21:58:33 2017 +0000 |
tree | e7b884fd24ca39d75866fab404ef1f4de4fb045f | |
parent | 224b4e37c075f5bbe1573a90a1dc5e5d9a91d9c1 [diff] [blame] |
Disallow zero length signature algorithms Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2840)
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 87ef620..93a8cfe 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c
@@ -1563,7 +1563,7 @@ size = PACKET_remaining(pkt); /* Invalid data length */ - if ((size & 1) != 0) + if (size == 0 || (size & 1) != 0) return 0; size >>= 1;