]> git.ipfire.org Git - thirdparty/openssl.git/commit
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ec559c2) | patch
Only free the read buffers if we're not using them
authorWatson Ladd <watsonbladd@gmail.com>
Wed, 24 Apr 2024 10:26:56 +0000 (11:26 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 28 May 2024 12:58:27 +0000 (13:58 +0100)
commitb3f0eb0a295f58f16ba43ba99dad70d4ee5c437d
treea2e8cd5478a85a8b16f6e6345bbad7efe7bfded7tree
parentec559c2a6cca3fd4cedae5c47f2dfa38e5e24865commit | diff
Only free the read buffers if we're not using them

If we're part way through processing a record, or the application has
not released all the records then we should not free our buffer because
they are still needed.

CVE-2024-4741

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24395)

(cherry picked from commit 704f725b96aa373ee45ecfb23f6abfe8be8d9177)
ssl/record/rec_layer_s3.c diff | blob | blame | history
ssl/record/record.h diff | blob | blame | history
ssl/ssl_lib.c diff | blob | blame | history
Mirror of https://github.com/openssl/openssl.git