summaryrefslogtreecommitdiff
path: root/patches/source/gnutls/gnutls-2.8.6_CVE-2012-1573.diff
diff options
context:
space:
mode:
Diffstat (limited to 'patches/source/gnutls/gnutls-2.8.6_CVE-2012-1573.diff')
-rw-r--r--patches/source/gnutls/gnutls-2.8.6_CVE-2012-1573.diff39
1 files changed, 39 insertions, 0 deletions
diff --git a/patches/source/gnutls/gnutls-2.8.6_CVE-2012-1573.diff b/patches/source/gnutls/gnutls-2.8.6_CVE-2012-1573.diff
new file mode 100644
index 00000000..53a8af0e
--- /dev/null
+++ b/patches/source/gnutls/gnutls-2.8.6_CVE-2012-1573.diff
@@ -0,0 +1,39 @@
+From c8cf27468841f2ad51b287176b440c6608edc6ba Mon Sep 17 00:00:00 2001
+From: mancha <mancha1@hush.com>
+Date: Sun, 29 Sep 2013
+Subject: CVE-2012-1573 [GNUTLS-SA-2012-2]
+
+Address a TLS record handling vulnerability in GnuTLS.
+
+This is a backport adaptation for use with GnuTLS 2.8.6.
+
+Relevant upstream commit:
+-------------------------
+https://gitorious.org/gnutls/gnutls/commit/42221486806137
+
+---
+ gnutls_cipher.c | 11 +++++------
+ 1 file changed, 5 insertions(+), 6 deletions(-)
+
+--- a/lib/gnutls_cipher.c 2013-09-27
++++ b/lib/gnutls_cipher.c 2013-09-27
+@@ -501,14 +501,13 @@ _gnutls_ciphertext2compressed (gnutls_se
+ {
+ ciphertext.size -= blocksize;
+ ciphertext.data += blocksize;
+-
+- if (ciphertext.size == 0)
+- {
+- gnutls_assert ();
+- return GNUTLS_E_DECRYPTION_FAILED;
+- }
+ }
+
++ if (ciphertext.size < hash_size)
++ {
++ gnutls_assert ();
++ return GNUTLS_E_DECRYPTION_FAILED;
++ }
+ pad = ciphertext.data[ciphertext.size - 1] + 1; /* pad */
+
+ if ((int) pad > (int) ciphertext.size - hash_size)