OpenSSL: Add fix for CVE-2010-5298.
authorSascha Wildner <saw@online.de>
Wed, 30 Apr 2014 08:58:52 +0000 (10:58 +0200)
committerSascha Wildner <saw@online.de>
Wed, 30 Apr 2014 09:08:07 +0000 (11:08 +0200)
crypto/openssl/ssl/s3_pkt.c

index 96ba632..180ec21 100644 (file)
@@ -1055,7 +1055,8 @@ start:
                                {
                                s->rstate=SSL_ST_READ_HEADER;
                                rr->off=0;
-                               if (s->mode & SSL_MODE_RELEASE_BUFFERS)
+                               if (s->mode & SSL_MODE_RELEASE_BUFFERS &&
+                                   s->s3->rbuf.left == 0)
                                        ssl3_release_read_buffer(s);
                                }
                        }