From: Dr. Stephen Henson <steve@openssl.org>
Date: Wed, 25 May 2011 15:21:12 +0000 (+0000)
Subject: PR: 2533
X-Git-Tag: OpenSSL_1_0_0e~34
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=dce7b92d0b19940ee0c78c20a7c64b9da9b59784;p=oweals%2Fopenssl.git

PR: 2533
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Setting SSL_MODE_RELEASE_BUFFERS should be ignored for DTLS, but instead causes
the program to crash. This is due to missing version checks and is fixed with
this patch.
---

diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index e3f6050a26..f9b3629cf7 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -246,7 +246,8 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
 		if (i <= 0)
 			{
 			rb->left = left;
-			if (s->mode & SSL_MODE_RELEASE_BUFFERS)
+			if (s->mode & SSL_MODE_RELEASE_BUFFERS &&
+			    SSL_version(s) != DTLS1_VERSION && SSL_version(s) != DTLS1_BAD_VER)
 				if (len+left == 0)
 					ssl3_release_read_buffer(s);
 			return(i);
@@ -846,7 +847,8 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
 			{
 			wb->left=0;
 			wb->offset+=i;
-			if (s->mode & SSL_MODE_RELEASE_BUFFERS)
+			if (s->mode & SSL_MODE_RELEASE_BUFFERS &&
+			    SSL_version(s) != DTLS1_VERSION && SSL_version(s) != DTLS1_BAD_VER)
 				ssl3_release_write_buffer(s);
 			s->rwstate=SSL_NOTHING;
 			return(s->s3->wpend_ret);