File CVE-2015-8036-Add-extra-check-before-integer-conversion.patch of Package polarssl.5404

From: =?utf-8?q?Manuel_P=C3=A9gouri=C3=A9-Gonnard?= <mpg2@elzevir.fr>
Date: Fri, 2 Oct 2015 09:53:52 +0200
Subject: CVE-2015-8036: Add extra check before integer conversion

end < p should never happen, but just be extra sure

(cherry picked from commit f3e6e4badb35760c9a543ee69b7449cb0cd9784b)
---
 library/ssl_cli.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Index: library/ssl_cli.c
===================================================================
--- library/ssl_cli.c.orig
+++ library/ssl_cli.c
@@ -135,7 +135,7 @@ static void ssl_write_renegotiation_ext(
 
     SSL_DEBUG_MSG( 3, ( "client hello, adding renegotiation extension" ) );
 
-    if( (size_t)(end - p) < 5 + ssl->verify_data_len )
+    if( end < p || (size_t)(end - p) < 5 + ssl->verify_data_len )
     {
         SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
         return;
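Review bot: The added `end < p` test in the buffer-size check has no comment explaining why it must come before the cast, and the commit message says the case "should never happen", so a later cleanup could remove it as dead code. Without it, a negative `end - p` converted to `size_t` becomes a very large value, the "buffer too small" branch is skipped, and the extension would be written past `end`. I would add above the `if`: `/* end - p is signed: if end < p the size_t cast wraps to a huge value and the length check would pass */`. Any other extension writer in this file that uses the same `(size_t)(end - p)` comparison would presumably need the same guard; none is visible in this hunk, and the body of ssl_write_renegotiation_ext starts and ends outside it.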