Patch CVE-2014-3466 to prevent memory corruption due to server hello parsing.

Obtained from: 688ea6428a Security: CVE-2014-3466, 9733c480-ebff-11e3-970b-206a8a720317
svn path=/head/; revision=356535
2024-10-19 19:59:43 +00:00 · 2014-06-04 18:51:20 +00:00 · 2014-06-04 18:51:20 +00:00 · 8887883116 · 2021-03-31 03:12:20 +00:00
commit 8887883116
parent 42945633eb
2 changed files with 12 additions and 1 deletions
--- a/security/gnutls/Makefile
+++ b/security/gnutls/Makefile
@ -3,7 +3,7 @@

 PORTNAME=	gnutls
 PORTVERSION=	2.12.23
-PORTREVISION=	5
+PORTREVISION=	6
 CATEGORIES=	security net
 MASTER_SITES=	\
 	ftp://ftp.gnutls.org/gcrypt/gnutls/v${PORTVERSION:C/.[0-9]+$//}/ \
--- a/security/gnutls/files/patch-lib-gnutls_handshake.c
+++ b/security/gnutls/files/patch-lib-gnutls_handshake.c
@ -0,0 +1,11 @@
+--- lib/gnutls_handshake.c.orig	2012-11-03 06:03:47.000000000 -0700
+++ lib/gnutls_handshake.c	2014-06-04 07:55:49.138570114 -0700
+@@ -1797,7 +1797,7 @@
+   DECR_LEN (len, 1);
+   session_id_len = data[pos++];
+ 
+-  if (len < session_id_len)
+  if (len < session_id_len || session_id_len > TLS_MAX_SESSION_ID_SIZE)
+     {
+       gnutls_assert ();
+       return GNUTLS_E_UNSUPPORTED_VERSION_PACKET;