From: Aki Tuomi <aki.tuomi@open-xchange.com>
Date: Tue, 11 Aug 2020 05:45:37 +0000 (+0300)
Subject: lib-ssl-iostream: ostream-openssl - Allocate at most IO_BLOCK_SIZE initial buffer
X-Git-Tag: 2.3.13~209
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c2631470a76e0410e8d9739a01ed3b9748abcb92;p=thirdparty%2Fdovecot%2Fcore.git

lib-ssl-iostream: ostream-openssl - Allocate at most IO_BLOCK_SIZE initial buffer

Otherwise we might attempt to allocate way too large buffers. This has not caused
issues yet, except with max_buffer_size=SIZE_T, which has been causing us to allocate
0-sized buffers.
---

diff --git a/src/lib-ssl-iostream/ostream-openssl.c b/src/lib-ssl-iostream/ostream-openssl.c
index ed80bf0acf..2e653c7e18 100644
--- a/src/lib-ssl-iostream/ostream-openssl.c
+++ b/src/lib-ssl-iostream/ostream-openssl.c
@@ -57,7 +57,8 @@ o_stream_ssl_buffer(struct ssl_ostream *sstream, const struct const_iovec *iov,
 	unsigned int i;
 
 	if (sstream->buffer == NULL)
-		sstream->buffer = buffer_create_dynamic(default_pool, sstream->ostream.max_buffer_size);
+		sstream->buffer = buffer_create_dynamic(default_pool,
+			I_MIN(IO_BLOCK_SIZE, sstream->ostream.max_buffer_size));
 
 	skip_left = bytes_sent;
 	for (i = 0; i < iov_count; i++) {