Fixed NULL pointer dereference. See PR#3321

author Matt Caswell <matt@openssl.org>

Sun, 11 May 2014 23:38:37 +0000 (00:38 +0100)

committer Matt Caswell <matt@openssl.org>

Sun, 11 May 2014 23:48:17 +0000 (00:48 +0100)
author Matt Caswell <matt@openssl.org>
Sun, 11 May 2014 23:38:37 +0000 (00:38 +0100)
committer Matt Caswell <matt@openssl.org>
Sun, 11 May 2014 23:48:17 +0000 (00:48 +0100)
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c

index 772c08929417671ceb57b32ebf2a087b2a829629..67f162c56030e212ff3701361006215cd4c98897 100644 (file)
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -655,9 +655,6 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
         SSL3_BUFFER *wb=&(s->s3->wbuf);
         SSL_SESSION *sess;
  
-       if (wb->buf == NULL)
-               if (!ssl3_setup_write_buffer(s))
-                       return -1;
  
         /* first check if there is a SSL3_BUFFER still being written
          * out.  This will happen with non blocking IO */
@@ -673,6 +670,10 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
                 /* if it went, fall through and send more stuff */
                 }
  
+       if (wb->buf == NULL)
+               if (!ssl3_setup_write_buffer(s))
+                       return -1;
+
         if (len == 0 && !create_empty_fragment)
                 return 0;
author	Matt Caswell <matt@openssl.org>
	Sun, 11 May 2014 23:38:37 +0000 (00:38 +0100)
committer	Matt Caswell <matt@openssl.org>
	Sun, 11 May 2014 23:48:17 +0000 (00:48 +0100)