summaryrefslogtreecommitdiff
path: root/external/openssl/CVE-2010-5298.patch
diff options
context:
space:
mode:
Diffstat (limited to 'external/openssl/CVE-2010-5298.patch')
-rw-r--r--external/openssl/CVE-2010-5298.patch21
1 files changed, 21 insertions, 0 deletions
diff --git a/external/openssl/CVE-2010-5298.patch b/external/openssl/CVE-2010-5298.patch
new file mode 100644
index 000000000000..55251b3c4596
--- /dev/null
+++ b/external/openssl/CVE-2010-5298.patch
@@ -0,0 +1,21 @@
+From: Ben Laurie <ben@links.org>
+Date: Wed, 23 Apr 2014 06:24:03 +0000 (+0100)
+Subject: Fix use after free.
+X-Git-Url: https://git.openssl.org/gitweb/b/?p=openssl.git;a=commitdiff_plain;h=94d1f4b
+
+Fix use after free.
+---
+
+diff --git a/a/ssl/s3_pkt.c b/b/ssl/s3_pkt.c
+index b9e45c7..d601a18 100644
+--- a/a/ssl/s3_pkt.c
++++ b/b/ssl/s3_pkt.c
+@@ -1334,7 +1334,7 @@ start:
+ {
+ s->rstate=SSL_ST_READ_HEADER;
+ rr->off=0;
+- if (s->mode & SSL_MODE_RELEASE_BUFFERS)
++ if (s->mode & SSL_MODE_RELEASE_BUFFERS && s->s3->rbuf.left == 0)
+ ssl3_release_read_buffer(s);
+ }
+ }
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-18 06:10:32 +0000