Fix OpenSSL NULL pointer deference vulnerability.

Obtained from:	OpenBSD
Security:	FreeBSD-SA-14:09.openssl
Security:	CVE-2014-0198
This commit is contained in:
Xin LI 2014-05-13 23:17:24 +00:00
parent 1f4a471ae7
commit f5da602e47

View File

@ -657,6 +657,10 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
if (i <= 0)
return(i);
/* if it went, fall through and send more stuff */
/* we may have released our buffer, so get it again */
if (wb->buf == NULL)
if (!ssl3_setup_write_buffer(s))
return -1;
}
if (len == 0 && !create_empty_fragment)