nixo
/
guix-devel
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
guix-devel/gnu/packages/patches/openssl-CVE-2010-5298.patch

28 lines
754 B
Diff
Raw Blame History

From db978be7388852059cf54e42539a363d549c5bfd Mon Sep 17 00:00:00 2001
From: Kurt Roeckx <kurt@roeckx.be>
Date: Sun, 13 Apr 2014 15:05:30 +0200
Subject: [PATCH] Don't release the buffer when there still is data in it
RT: 2167, 3265
---
ssl/s3_pkt.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index b9e45c7..32e9207 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -1055,7 +1055,8 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
{
s->rstate=SSL_ST_READ_HEADER;
rr->off=0;
- if (s->mode & SSL_MODE_RELEASE_BUFFERS)
+ if (s->mode & SSL_MODE_RELEASE_BUFFERS &&
+ s->s3->rbuf.left == 0)
ssl3_release_read_buffer(s);
}
}
--
1.9.1
Reference in New Issue View Git Blame Copy Permalink