From c20d923b46641030cb2946a1922ee344b9d27e43 Mon Sep 17 00:00:00 2001
From: Matt Caswell
Date: Tue, 25 Apr 2023 11:39:26 +0100
Subject: [PATCH] Release zero length handshake fragment records

If we are processing a hanshake fragment and we end up with a zero length record, then we still need to release it to avoid an infinite loop.

Fixes #20821

Reviewed-by: Todd Short
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/20824)
---
 ssl/record/rec_layer_s3.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index bba8b7fa026..f9806e97991 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -939,9 +939,13 @@ int ssl3_read_bytes(SSL *ssl, int type, int *recvd_type, unsigned char *buf,
 if (n > 0) {
 memcpy(dest + *dest_len, rr->data + rr->off, n);
 *dest_len += n;
- if (!ssl_release_record(s, rr, n))
- return -1;
 }
+ /*
+ * We release the number of bytes consumed, or the whole record if it
+ * is zero length
+ */
+ if ((n > 0 || rr->length == 0) && !ssl_release_record(s, rr, n))
+ return -1;
 if (*dest_len < dest_maxlen)
 goto start; /* fragment was too small */
--
2.47.2
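Review bot: The zero-length branch of the new condition relies on ssl_release_record(s, rr, 0) retiring the whole record when rr->length == 0, but neither the hunk nor the comment above it states that contract, and nothing checks that the record really left the queue before the `goto start` two lines below re-enters the loop this commit is fixing. The comment should say why the release is mandatory, e.g. `* is zero length. A zero length record must still be released, otherwise the goto start below would re-read the same empty record forever (#20821).`. Whether n can be zero while rr->length is non-zero depends on how n is computed before the hunk, so the `n > 0 ||` half may be redundant; worth a one-line comment either way. A regression test that feeds a zero-length handshake fragment record and asserts the read returns instead of spinning would pin the fix. ssl3_read_bytes starts and ends outside the hunk.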