Initialise SSLv3 block cipher padding to zero.
Change-Id: Ifd5d788fc49e84d66661483d7fe11612181fa320
diff --git a/openssl.config b/openssl.config
index bf5c579..27078ea 100644
--- a/openssl.config
+++ b/openssl.config
@@ -188,6 +188,7 @@
handshake_cutthrough.patch \
jsse.patch \
npn.patch \
+sslv3_uninit_padding.patch \
"
OPENSSL_PATCHES_progs_SOURCES="\
diff --git a/patches/README b/patches/README
index 04dd166..0634d54 100644
--- a/patches/README
+++ b/patches/README
@@ -29,3 +29,7 @@
npn.patch
Transport Layer Security (TLS) Next Protocol Negotiation Extension
+
+sslv3_uninit_padding.patch
+
+This patch sets the padding for SSLv3 block ciphers to zero.
diff --git a/patches/sslv3_uninit_padding.patch b/patches/sslv3_uninit_padding.patch
new file mode 100644
index 0000000..89fff7b
--- /dev/null
+++ b/patches/sslv3_uninit_padding.patch
@@ -0,0 +1,14 @@
+diff --git a/ssl/s3_enc.c b/google3/third_party/openssl/openssl/ssl/s3_enc.c
+index 58386e1..b145970 100644
+--- a/ssl/s3_enc.c
++++ b/ssl/s3_enc.c
+@@ -511,6 +511,9 @@ int ssl3_enc(SSL *s, int send)
+
+ /* we need to add 'i-1' padding bytes */
+ l+=i;
++ /* the last of these zero bytes will be overwritten
++ * with the padding length. */
++ memset(&rec->input[rec->length], 0, i);
+ rec->length+=i;
+ rec->input[l-1]=(i-1);
+ }
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index 58386e1..b145970 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -511,6 +511,9 @@
/* we need to add 'i-1' padding bytes */
l+=i;
+ /* the last of these zero bytes will be overwritten
+ * with the padding length. */
+ memset(&rec->input[rec->length], 0, i);
rec->length+=i;
rec->input[l-1]=(i-1);
}
