- Security patch
Security: CVE-2014-0198 Security: http://seclists.org/oss-sec/2014/q2/232 Security: https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321 Obtained from: OpenBSD
This commit is contained in:
parent
11dfc497cc
commit
eaac0ade39
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=352928
@ -4,7 +4,7 @@
|
||||
PORTNAME= openssl
|
||||
PORTVERSION= 1.0.1
|
||||
DISTVERSIONSUFFIX= g
|
||||
PORTREVISION= 11
|
||||
PORTREVISION= 12
|
||||
CATEGORIES= security devel
|
||||
MASTER_SITES= http://www.openssl.org/%SUBDIR%/ \
|
||||
ftp://ftp.openssl.org/%SUBDIR%/ \
|
||||
|
@ -1,13 +1,22 @@
|
||||
Index: crypto/openssl/ssl/s3_pkt.c
|
||||
===================================================================
|
||||
--- ssl/s3_pkt.c (revision 264309)
|
||||
+++ ssl/s3_pkt.c (working copy)
|
||||
@@ -1055,7 +1055,7 @@ start:
|
||||
{
|
||||
s->rstate=SSL_ST_READ_HEADER;
|
||||
rr->off=0;
|
||||
--- ssl/s3_pkt.c.orig 2014-03-17 17:14:20.000000000 +0100
|
||||
+++ ssl/s3_pkt.c 2014-05-03 18:07:28.000000000 +0200
|
||||
@@ -657,6 +657,10 @@
|
||||
if (i <= 0)
|
||||
return(i);
|
||||
/* if it went, fall through and send more stuff */
|
||||
+ /* we may have released our buffer, so get it again */
|
||||
+ if (wb->buf == NULL)
|
||||
+ if (!ssl3_setup_write_buffer(s))
|
||||
+ return -1;
|
||||
}
|
||||
|
||||
if (len == 0 && !create_empty_fragment)
|
||||
@@ -1055,7 +1059,7 @@
|
||||
{
|
||||
s->rstate=SSL_ST_READ_HEADER;
|
||||
rr->off=0;
|
||||
- if (s->mode & SSL_MODE_RELEASE_BUFFERS)
|
||||
+ if (s->mode & SSL_MODE_RELEASE_BUFFERS && s->s3->rbuf.left == 0)
|
||||
ssl3_release_read_buffer(s);
|
||||
}
|
||||
}
|
||||
ssl3_release_read_buffer(s);
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user