CVSROOT: /cvs
Module name: src
Changes by: st...@cvs.openbsd.org 2014/05/01 08:16:35
Modified files:
lib/libssl/src/ssl: Tag: OPENBSD_5_5 s3_pkt.c
Log message:
MFC, requested by deraadt@
-/--------------------------
revision 1.33
date: 2014/04/24 04:31:30; author: tedu; state: Exp; lines: +4 -0;
on today's episode of things you didn't want to learn:
do_ssl3_write() is recursive. and not in the simple, obvious way, but in
the sneaky called through ssl3_dispatch_alert way. (alert level: fuchsia)
this then has a decent chance of releasing the buffer that we thought we
were going to use. check for this happening, and if the buffer has gone
missing, put another one back in place.
the direct recursive call is safe because it won't call ssl3_write_pending
which is the function that actually does do the writing and releasing.
as reported by David Ramos to openssl-dev:
http://marc.info/?l=openssl-dev&m=139809493725682&w=2
ok beck
-/--------------------------
