generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Multiblock corrupted pointer fix

Browse Source 
OpenSSL 1.0.2 introduced the "multiblock" performance improvement. This
feature only applies on 64 bit x86 architecture platforms that support AES
NI instructions. A defect in the implementation of "multiblock" can cause
OpenSSL's internal write buffer to become incorrectly set to NULL when
using non-blocking IO. Typically, when the user application is using a
socket BIO for writing, this will only result in a failed connection.
However if some other BIO is used then it is likely that a segmentation
fault will be triggered, thus enabling a potential DoS attack.

CVE-2015-0290

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
This commit is contained in:
Matt Caswell 2015-03-02 09:27:10 +00:00
parent 8b84495380
commit 77c77f0a1b
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ssl/s3_pkt.c
View File

@ -785,7 +785,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
i = ssl3_write_pending(s, type, &buf[tot], nw);
if (i <= 0) {
if (i < 0) {
if (i < 0 && (!s->wbio || !BIO_should_retry(s->wbio))) {
OPENSSL_free(wb->buf);
wb->buf = NULL;
}