openssl/openssl-buffreelistbug-aka-CVE-2010-5298.patch

--- openssl-1.0.1g.orig/ssl/s3_pkt.c
+++ openssl-1.0.1g/ssl/s3_pkt.c
@@ -1055,8 +1055,8 @@ start:
 				{
 				s->rstate=SSL_ST_READ_HEADER;
 				rr->off=0;
-				if (s->mode & SSL_MODE_RELEASE_BUFFERS)
-					ssl3_release_read_buffer(s);
+				if (s->mode & SSL_MODE_RELEASE_BUFFERS && s->s3->rbuf.left == 0)
+					    ssl3_release_read_buffer(s);
 				}
 			}
 		return(n);