CVSROOT: /cvs Module name: src Changes by: js...@cvs.openbsd.org 2020/03/10 11:11:25
Modified files: lib/libssl : tls13_buffer.c Log message: Add a return value check to tls13_buffer_extend(). In the unlikely event that the return value from the read callback is larger than the number of bytes we asked for, we can end up incrementing buf->len beyond capacity. Check the return value from the read callback to prevent this. ok inoguchi@ tb@