forked from pool/openssl
191f308eaf
Fixed bug[ bnc#876282], CVE-2014-0198 openssl: OpenSSL NULL pointer dereference in do_ssl3_write; Add file: CVE-2014-0198.patch (forwarded request 232650 from shawn2012) OBS-URL: https://build.opensuse.org/request/show/232653 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=115
16 lines
502 B
Diff
16 lines
502 B
Diff
Index: openssl-1.0.1g/ssl/s3_pkt.c
|
|
===================================================================
|
|
--- openssl-1.0.1g.orig/ssl/s3_pkt.c
|
|
+++ openssl-1.0.1g/ssl/s3_pkt.c
|
|
@@ -657,6 +657,10 @@ static int do_ssl3_write(SSL *s, int typ
|
|
if (i <= 0)
|
|
return(i);
|
|
/* if it went, fall through and send more stuff */
|
|
+ /* we may have released our buffer, so get it again */
|
|
+ if (wb->buf == NULL)
|
|
+ if (!ssl3_setup_write_buffer(s))
|
|
+ return -1;
|
|
}
|
|
|
|
if (len == 0 && !create_empty_fragment)
|