Fix OpenSSL NULL pointer deference vulnerability.

Obtained from: OpenBSD Security: FreeBSD-SA-14:09.openssl Security: CVE-2014-0198
svn path=/head/; revision=265985
2014-05-13 23:17:24 +00:00 · 2014-05-13 23:17:24 +00:00 · f5da602e47 · 2020-12-20 02:59:44 +00:00
commit f5da602e47
parent 1f4a471ae7
1 changed files with 4 additions and 0 deletions
--- a/crypto/openssl/ssl/s3_pkt.c
+++ b/crypto/openssl/ssl/s3_pkt.c
@ -657,6 +657,10 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
 		if (i <= 0)
 			return(i);
 		/* if it went, fall through and send more stuff */
+		/* we may have released our buffer, so get it again */
+		if (wb->buf == NULL)
+			if (!ssl3_setup_write_buffer(s))
+				return -1;
 		}

 	if (len == 0 && !create_empty_fragment)