external/openssl/CVE-2010-5298.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21

From: Ben Laurie <ben@links.org>
Date: Wed, 23 Apr 2014 06:24:03 +0000 (+0100)
Subject: Fix use after free.
X-Git-Url: https://git.openssl.org/gitweb/b/?p=openssl.git;a=commitdiff_plain;h=94d1f4b

Fix use after free.
---

diff --git a/a/ssl/s3_pkt.c b/b/ssl/s3_pkt.c
index b9e45c7..d601a18 100644
--- a/a/ssl/s3_pkt.c
+++ b/b/ssl/s3_pkt.c
@@ -1334,7 +1334,7 @@ start:
 				{
 				s->rstate=SSL_ST_READ_HEADER;
 				rr->off=0;
-				if (s->mode & SSL_MODE_RELEASE_BUFFERS)
+				if (s->mode & SSL_MODE_RELEASE_BUFFERS && s->s3->rbuf.left == 0)
 					ssl3_release_read_buffer(s);
 				}
 			}