1diff --git android-openssl.orig/ssl/ssl_locl.h android-openssl/ssl/ssl_locl.h 2index 3732825..4e27d9e 100644 3--- android-openssl.orig/ssl/ssl_locl.h 4+++ android-openssl/ssl/ssl_locl.h 5@@ -1127,8 +1127,8 @@ int tls1_ec_nid2curve_id(int nid); 6 #endif /* OPENSSL_NO_EC */ 7 8 #ifndef OPENSSL_NO_TLSEXT 9-unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit); 10-unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit); 11+unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit); 12+unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit); 13 int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n, int *al); 14 int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n, int *al); 15 int ssl_prepare_clienthello_tlsext(SSL *s); 16diff --git android-openssl.orig/ssl/t1_lib.c android-openssl/ssl/t1_lib.c 17index 7a507f9..a53d56b 100644 18--- android-openssl.orig/ssl/t1_lib.c 19+++ android-openssl/ssl/t1_lib.c 20@@ -341,15 +341,16 @@ int tls12_get_req_sig_algs(SSL *s, unsigned char *p) 21 return (int)slen; 22 } 23 24-unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) 25+unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit) 26 { 27 int extdatalen=0; 28- unsigned char *ret = p; 29+ unsigned char *orig = buf; 30+ unsigned char *ret = buf; 31 32 /* don't add extensions for SSLv3 unless doing secure renegotiation */ 33 if (s->client_version == SSL3_VERSION 34 && !s->s3->send_connection_binding) 35- return p; 36+ return orig; 37 38 ret+=2; 39 40@@ -398,7 +399,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha 41 return NULL; 42 } 43 44- if((limit - p - 4 - el) < 0) return NULL; 45+ if((limit - ret - 4 - el) < 0) return NULL; 46 47 s2n(TLSEXT_TYPE_renegotiate,ret); 48 s2n(el,ret); 49@@ -647,7 +648,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha 50 51 ssl_add_clienthello_use_srtp_ext(s, 0, &el, 0); 52 53- if((limit - p - 4 - el) < 0) return NULL; 54+ if((limit - ret - 4 - el) < 0) return NULL; 55 56 s2n(TLSEXT_TYPE_use_srtp,ret); 57 s2n(el,ret); 58@@ -686,24 +687,25 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha 59 } 60 61 62- if ((extdatalen = ret-p-2)== 0) 63- return p; 64+ if ((extdatalen = ret-orig-2)== 0) 65+ return orig; 66 67- s2n(extdatalen,p); 68+ s2n(extdatalen, orig); 69 return ret; 70 } 71 72-unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) 73+unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit) 74 { 75 int extdatalen=0; 76- unsigned char *ret = p; 77+ unsigned char *orig = buf; 78+ unsigned char *ret = buf; 79 #ifndef OPENSSL_NO_NEXTPROTONEG 80 int next_proto_neg_seen; 81 #endif 82 83 /* don't add extensions for SSLv3, unless doing secure renegotiation */ 84 if (s->version == SSL3_VERSION && !s->s3->send_connection_binding) 85- return p; 86+ return orig; 87 88 ret+=2; 89 if (ret>=limit) return NULL; /* this really never occurs, but ... */ 90@@ -726,7 +728,7 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha 91 return NULL; 92 } 93 94- if((limit - p - 4 - el) < 0) return NULL; 95+ if((limit - ret - 4 - el) < 0) return NULL; 96 97 s2n(TLSEXT_TYPE_renegotiate,ret); 98 s2n(el,ret); 99@@ -806,7 +808,7 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha 100 101 ssl_add_serverhello_use_srtp_ext(s, 0, &el, 0); 102 103- if((limit - p - 4 - el) < 0) return NULL; 104+ if((limit - ret - 4 - el) < 0) return NULL; 105 106 s2n(TLSEXT_TYPE_use_srtp,ret); 107 s2n(el,ret); 108@@ -885,10 +887,10 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha 109 s2n(0,ret); 110 } 111 112- if ((extdatalen = ret-p-2)== 0) 113- return p; 114+ if ((extdatalen = ret-orig-2)== 0) 115+ return orig; 116 117- s2n(extdatalen,p); 118+ s2n(extdatalen, orig); 119 return ret; 120 } 121 122