Google Git
Sign in
boringssl/boringssl.git/895780572b7895784ed7088248ecb2ed5dd0c97a
commit
895780572b7895784ed7088248ecb2ed5dd0c97a
[log]
author
Adam Langley <agl@chromium.org>
Fri Jun 20 12:00:00 2014 -0700
committer
Adam Langley <agl@chromium.org>
Fri Jun 20 13:17:41 2014 -0700
tree
db55066e75ae532e638524a8c99968d0d40600d7
parent
d06eddd15cc94023a9a3fedf7b1c28aabf159e4d [diff]
Fix CVE-2014-0221

Unnecessary recursion when receiving a DTLS hello request can be used to
crash a DTLS client. Fixed by handling DTLS hello request without
recursion.

Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue.

(Imported from upstream's 8942b92c7cb5fa144bd79b7607b459d0b777164c)
1 file changed
tree: db55066e75ae532e638524a8c99968d0d40600d7
  1. crypto/
  2. doc/
  3. include/
  4. ssl/
  5. tool/
  6. util/
  7. .clang-format
  8. .gitignore
  9. BUGS
  10. BUILDING
  11. CMakeLists.txt