summaryrefslogtreecommitdiffstats
path: root/main/openssl/openssl-0.9.8l-CVE-2009-1387.patch
blob: c8ff15e505c04638667d0615cde8df0ce1fc450b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
http://bugs.gentoo.org/270305

fix from upstream

Index: ssl/d1_both.c
===================================================================
RCS file: /usr/local/src/openssl/CVSROOT/openssl/ssl/d1_both.c,v
retrieving revision 1.4.2.7
retrieving revision 1.4.2.8
diff -u -p -r1.4.2.7 -r1.4.2.8
--- a/ssl/d1_both.c	17 Oct 2007 21:17:49 -0000	1.4.2.7
+++ b/ssl/d1_both.c	2 Apr 2009 22:12:13 -0000	1.4.2.8
@@ -575,30 +575,31 @@ dtls1_process_out_of_seq_message(SSL *s,
 			}
 		}
 
-	frag = dtls1_hm_fragment_new(frag_len);
-	if ( frag == NULL)
-		goto err;
+	if (frag_len)
+	{
+		frag = dtls1_hm_fragment_new(frag_len);
+		if ( frag == NULL)
+			goto err;
 
-	memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
+		memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
 
-	if (frag_len)
-		{
-		/* read the body of the fragment (header has already been read */
+		/* read the body of the fragment (header has already been read) */
 		i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
 			frag->fragment,frag_len,0);
 		if (i<=0 || (unsigned long)i!=frag_len)
 			goto err;
-		}
 
-	pq_64bit_init(&seq64);
-	pq_64bit_assign_word(&seq64, msg_hdr->seq);
+		pq_64bit_init(&seq64);
+		pq_64bit_assign_word(&seq64, msg_hdr->seq);
 
-	item = pitem_new(seq64, frag);
-	pq_64bit_free(&seq64);
-	if ( item == NULL)
-		goto err;
+		item = pitem_new(seq64, frag);
+		pq_64bit_free(&seq64);
+		if ( item == NULL)
+			goto err;
+
+		pqueue_insert(s->d1->buffered_messages, item);
+	}
 
-	pqueue_insert(s->d1->buffered_messages, item);
 	return DTLS1_HM_FRAGMENT_RETRY;
 
 err: