pike.git / lib / modules / SSL.pmod / Connection.pike

version» Context lines:

pike.git/lib/modules/SSL.pmod/Connection.pike:820:    // We're not allowed to send heartbeats.    return;    }       Buffer hb_msg = Buffer();    hb_msg->add_int(HEARTBEAT_MESSAGE_request, 1);    hb_msg->add_int(16, 2);    int now = gethrtime();    hb_msg->add(heartbeat_encode->crypt(sprintf("%8c%8c", now, now)));    // We pad to an even 64 bytes. -  hb_msg->add(random_string(64 - sizeof(hb_msg))); +  int(0..) bytes = [int(0..)]max(0, 64 - sizeof(hb_msg)); +  hb_msg->add(random_string(bytes));    send_packet(heartbeat_packet(hb_msg));   }      void handle_heartbeat(string(8bit) s)   {    if (sizeof(s) < 19) return; // Minimum size for valid heartbeats.    Buffer hb_msg = Buffer(s);    int hb_type = hb_msg->read_int(1);    int hb_len = hb_msg->read_int(2);       SSL3_DEBUG_MSG("SSL.Connection: Heartbeat %s (%d bytes)\n",    fmt_constant(hb_type, "HEARTBEAT_MESSAGE"), hb_len);       string(8bit) payload; -  int pad_len = 16; +  int(0..) pad_len = 16;       // RFC 6520 4:    // If the payload_length of a received HeartbeatMessage is too    // large, the received HeartbeatMessage MUST be discarded silently.    if ((hb_len < 0) || ((hb_len + 16) > sizeof(hb_msg))) {   #ifdef SSL3_SIMULATE_HEARTBLEED    payload = hb_msg->read();    if (sizeof(payload) < hb_len) {    payload = payload + random_string(hb_len - sizeof(payload));    } else {