authorXavier Roche <xroche@users.noreply.github.com>2014-04-10 16:45:13 +0000
committerXavier Roche <xroche@users.noreply.github.com>2014-04-10 16:45:13 +0000
commit70a44456fb484971228556c91a894a12b9e097a1 (patch)
tree73570ba09123917c9a32f53002185db6a7cbea28
parentdce3642432873f18e3ae557d27d715fb52608689 (diff)
Groumph, version is not a reliable way to detect heartbleed.
-rw-r--r--src/htslib.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/src/htslib.c b/src/htslib.c
index ce2bcc5..81a769e 100644
--- a/src/htslib.c
+++ b/src/htslib.c
@@ -5087,7 +5087,12 @@ static int ssl_vulnerable(const char *version) {
// CVE-2014-0160
// "OpenSSL 1.0.1g 7 Apr 2014"
const char minor = version[match_len];
- return minor == ' ' || ( minor >= 'a' && minor <= 'f' );
+ return minor == ' '
+ || (
+ ( minor >= 'a' && minor <= 'f' )
+ // do not choke on Debian flavors, for example
+ && version[match_len + 1] == ' '
+ );
} else {
return 0;
}
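Review bot: The added `version[match_len + 1] == ' '` test in the `'a'`–`'f'` branch makes every string with a suffix directly after the letter (a `-fips` style tag, for instance) return 0, so an unpatched suffixed build would be reported as not vulnerable, while a distribution build that backported the fix without changing the letter is still reported as vulnerable. Since the result is a heuristic in both directions, I would say so at the return, e.g. `// heuristic: the version string proves neither a patched nor an unpatched build (backports, suffixed builds, OPENSSL_NO_HEARTBEATS)`, and have callers word any warning as "possibly vulnerable". The read of `version[match_len + 1]` stays in bounds because it is only reached when `version[match_len]` is a letter, so at worst it reads the terminator. `ssl_vulnerable` begins above this hunk, so how `match_len` is derived is not visible here.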