]> git.ipfire.org Git - thirdparty/openssl.git/commit
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: eb1b744) | patch
Only free the read buffers if we're not using them
authorWatson Ladd <watsonbladd@gmail.com>
Wed, 24 Apr 2024 10:26:56 +0000 (11:26 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 28 May 2024 12:52:00 +0000 (13:52 +0100)
commit704f725b96aa373ee45ecfb23f6abfe8be8d9177
tree810e1c762d636c24d8a6ece79ea6f46e01ef5275tree
parenteb1b744102ae0a88344f1b56165b1d62cb54b3c9commit | diff
Only free the read buffers if we're not using them

If we're part way through processing a record, or the application has
not released all the records then we should not free our buffer because
they are still needed.

CVE-2024-4741

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24395)
ssl/record/rec_layer_s3.c diff | blob | blame | history
ssl/record/record.h diff | blob | blame | history
ssl/ssl_lib.c diff | blob | blame | history
Mirror of https://github.com/openssl/openssl.git