CVSROOT: /cvs Module name: src Changes by: js...@cvs.openbsd.org 2014/06/10 05:40:22
Modified files:
lib/libssl/src/ssl: s3_enc.c
Log message:
Avoid potential NULL pointer function calls in n_ssl3_mac() by checking
the return value of EVP_MD_CTX_copy_ex(). If the copy fails early then
EVP_DigestUpdate() will invoke md_ctx.update(), which will be a NULL
function pointer.
Analysis and patch from David Ramos.
ok deraadt@
