Fix heap-buffer overread in ALPN ext parsing

commit: f472a829c65b10f4d367fcb5cef26ef059750f1b [log] [tgz]
author: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Tue Jan 09 10:43:43 2018 +0100
committer: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Wed Jan 10 13:27:13 2018 +0100
tree: 927c485894bb08192efb4a4205356af20a700229
parent: ecd9f79edf687c84b059b5458991e9c8030fab5b [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index fa34de7..4cee23e 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -30,6 +30,9 @@
      Reported by Marco Macchetti, Kudelski Group.
    * Wipe stack buffer temporarily holding EC private exponent
      after keypair generation.
+   * Fix a potential heap buffer overread in ALPN extension parsing
+     (server-side). Could result in application crash, but only if an ALPN
+     name larger than 16 bytes had been configured on the server.
 
 Features
    * Allow comments in test data files.
commit	f472a829c65b10f4d367fcb5cef26ef059750f1b	[log] [tgz]
author	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Tue Jan 09 10:43:43 2018 +0100
committer	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Wed Jan 10 13:27:13 2018 +0100
tree	927c485894bb08192efb4a4205356af20a700229
parent	ecd9f79edf687c84b059b5458991e9c8030fab5b [diff] [blame]