File openssl-CVE-2024-4741.patch of Package openssl-1_1

Overview Repositories Revisions Requests Users Attributes Meta

File openssl-CVE-2024-4741.patch of Package openssl-1_1

@@ -, +, @@ 
---
 ssl/record/methods/tls_common.c | 8 ++++++++
 1 file changed, 8 insertions(+)
--- openssl-1.1.1l/ssl/record/ssl3_buffer.c	
+++ openssl-1.1.1l/ssl/record/ssl3_buffer.c	
@@ -174,5 +174,7 @@ int ssl3_release_read_buffer(SSL *s)
     b = RECORD_LAYER_get_rbuf(&s->rlayer);
     OPENSSL_free(b->buf);
     b->buf = NULL;
+    s->rlayer.packet = NULL;
+    s->rlayer.packet_length = 0;
     return 1;
 }
--- openssl-1.1.1l/ssl/record/rec_layer_s3.c	
+++ openssl-1.1.1l/ssl/record/rec_layer_s3.c	
@@ -16,6 +16,7 @@ 
 #include <openssl/rand.h>
 #include "record_local.h"
 #include "../packet_local.h"
+#include "internal/cryptlib.h"
 
 #if     defined(OPENSSL_SMALL_FOOTPRINT) || \
         !(      defined(AESNI_ASM) &&   ( \
@@ -225,6 +226,12 @@ int ssl3_read_n(SSL *s, size_t n, size_t
         s->rlayer.packet_length = 0;
         /* ... now we can act as if 'extend' was set */
     }
+    if (!ossl_assert(s->rlayer.packet != NULL)) {
+        /* does not happen */
+        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_READ_N,
+                 ERR_R_INTERNAL_ERROR);
+        return -1;
+    }
 
     len = s->rlayer.packet_length;
     pkt = rb->buf + align;

Places

File openssl-CVE-2024-4741.patch of Package openssl-1_1

Places