OpenSSL followup SSL_MODE_RELEASE_BUFFERS
Dewayne Geraghty
dewayne.geraghty at heuristicsystems.com.au
Sun Apr 13 22:40:52 UTC 2014
On 13/04/2014 6:09 PM, Christian Kratzer wrote:
> Hi,
>
> apparentyly openbsd has more or less silently fixed an older openssl
> issue that has been stuck in the openssl bug tracker:
>
> The openbsd patch:
>
> http://www.openbsd.org/errata55.html#004_openssl
>
>
> http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/004_openssl.patch.sig
>
> The original issue:
>
>
> http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse
>
> Here is the openssl bug:
>
> http://rt.openssl.org/Ticket/Display.html?id=2167
>
> The patch;
>
> diff -u -p -u -r1.20 -r1.20.4.1
> --- lib/libssl/src/ssl/s3_pkt.c 27 Feb 2014 21:04:57 -0000 1.20
> +++ lib/libssl/src/ssl/s3_pkt.c 12 Apr 2014 17:01:14 -0000
> 1.20.4.1
> @@ -1054,7 +1054,7 @@ start:
> {
> s->rstate=SSL_ST_READ_HEADER;
> rr->off=0;
> - if (s->mode & SSL_MODE_RELEASE_BUFFERS)
> + if (s->mode & SSL_MODE_RELEASE_BUFFERS &&
> s->s3->rbuf.left == 0)
> ssl3_release_read_buffer(s);
> }
> }
>
> Can somebody rattle openssl upstream to get them to comment on this ?
>
> Should freebsd roll out a patch ?
>
> Greetings
> Christian
>
Thank-you Dirk for promptly deploying the patch to openssl port:
http://svnweb.freebsd.org/ports/head/security/openssl/files/patch-ssl-s3_pkt.c?revision=351191&view=markup
Regards, Dewayne
More information about the freebsd-security
mailing list