From: Bernd Edlinger <bernd.edlinger@hotmail.de>
Date: Fri, 9 Feb 2018 16:19:50 +0000 (+0100)
Subject: Swap the check in ssl3_write_pending to avoid using
X-Git-Tag: OpenSSL_1_1_1-pre1~16
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=ebc20cfa746cb7dec91aff1e241063d785644fe3;p=oweals%2Fopenssl.git

Swap the check in ssl3_write_pending to avoid using
the possibly indeterminate pointer value in wpend_buf.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5305)
---

diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index 24e260efbe..fbb7461772 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -1115,8 +1115,8 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, size_t len,
     size_t tmpwrit = 0;
 
     if ((s->rlayer.wpend_tot > len)
-        || ((s->rlayer.wpend_buf != buf) &&
-            !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER))
+        || (!(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)
+            && (s->rlayer.wpend_buf != buf))
         || (s->rlayer.wpend_type != type)) {
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_WRITE_PENDING,
                  SSL_R_BAD_WRITE_RETRY);