From: Matt Caswell Date: Tue, 26 Apr 2016 15:07:17 +0000 (+0100) Subject: Use the current record offset in ssl3_get_record X-Git-Tag: OpenSSL_1_1_0-pre6~808 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=de0717ebccd7daf6e68b6aae09e900c9cd9ad37d;p=oweals%2Fopenssl.git Use the current record offset in ssl3_get_record The function ssl3_get_record() can obtain multiple records in one go as long as we are set up for pipelining and all the records are app data records. The logic in the while loop which reads in each record is supposed to only continue looping if the last record we read was app data and we have an app data record waiting in the buffer to be processed. It was actually checking that the first record had app data and we have an app data record waiting. This actually amounts to the same thing so wasn't wrong - but it looks a bit odd because it uses the |rr| array without an offset. Reviewed-by: Viktor Dukhovni --- diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index 766c3af552..beef2b3dfb 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c @@ -420,7 +420,8 @@ int ssl3_get_record(SSL *s) /* we have pulled in a full packet so zero things */ RECORD_LAYER_reset_packet_length(&s->rlayer); - } while (num_recs < max_recs && rr->type == SSL3_RT_APPLICATION_DATA + } while (num_recs < max_recs + && rr[num_recs-1].type == SSL3_RT_APPLICATION_DATA && SSL_USE_EXPLICIT_IV(s) && s->enc_read_ctx != NULL && (EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(s->enc_read_ctx))