Does anyone know the status of this patch? The problem still exists in
the openssl-0.9.8 stable tree (and I believe in the head/0.9.9 tree as
well).
The patch still applies; attached is an updated version.
- Ariel
--
- Ariel Salomon / Senior Software Engineer
Real-Time Innovations (RTI) / www.rti.com
408 200-4739 / [EMAIL PROTECTED]
RTI - The Real-Time Middleware Experts
Index: ssl/d1_both.c
===================================================================
RCS file: /home/local/cvsroot/usermodules/ariel/openssl/ssl/d1_both.c,v
retrieving revision 1.4.2.4
diff -u -r1.4.2.4 d1_both.c
--- ssl/d1_both.c 30 Sep 2007 21:20:59 -0000 1.4.2.4
+++ ssl/d1_both.c 4 Oct 2007 00:54:17 -0000
@@ -725,11 +725,12 @@
/* case (3): received a immediately useful fragment. Determine the
* possible overlap and copy the fragment.
*/
- overlap = (s->init_num - DTLS1_HM_HEADER_LENGTH) - frag_off;
/* retain the header for the first fragment */
if ( s->init_num > DTLS1_HM_HEADER_LENGTH)
{
+ s->init_num -= DTLS1_HM_HEADER_LENGTH;
+ overlap = (s->init_num - DTLS1_HM_HEADER_LENGTH) - frag_off;
memmove(&(s->init_buf->data[s->init_num]),
&(s->init_buf->data[s->init_num + DTLS1_HM_HEADER_LENGTH +
overlap]),
frag_len - overlap);
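Review bot: In the `if` branch, `DTLS1_HM_HEADER_LENGTH` is now subtracted twice on the way to `overlap`: `s->init_num -= DTLS1_HM_HEADER_LENGTH;` runs first, and the moved line still computes `(s->init_num - DTLS1_HM_HEADER_LENGTH) - frag_off` from the already reduced value. Compared with the removed line, `overlap` therefore comes out smaller by one header length, and the `memmove` source offset `s->init_num + DTLS1_HM_HEADER_LENGTH + overlap` shifts with it. If the intent is only to drop the header from `init_num` before the copy, the moved line should probably read `overlap = s->init_num - frag_off;`. If the extra subtraction is deliberate, a comment saying why would help, since the existing comments do not explain it.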
@@ -737,7 +738,10 @@
s->init_num += frag_len - overlap;
}
else
+ {
+ overlap = 0;
s->init_num += frag_len;
+ }
dtls1_process_handshake_fragment(s, frag_len - overlap);
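Review bot: `frag_len - overlap` is used in `s->init_num += frag_len - overlap;` and in the `dtls1_process_handshake_fragment()` call with no visible check that `overlap` lies between 0 and `frag_len`. `frag_off` and `frag_len` come from the received fragment, so I would add an explicit range check on `overlap` before it is used as a length or an offset, and fail the handshake if it is out of range. Separately, the new `overlap = 0;` in the `else` branch changes the argument passed to `dtls1_process_handshake_fragment()` whenever the removed expression would have been non-zero there (for example `s->init_num` below `DTLS1_HM_HEADER_LENGTH`, or a non-zero `frag_off`). Please add a comment stating why no overlap is possible in that branch, and describe the failing case in the patch description, which currently says only that the problem still exists.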