Overview

File CVE-2010-5298.patch of Package openssl.openSUSE_12.3_Update

Index: openssl-1.0.1g/ssl/s3_pkt.c
===================================================================
--- openssl-1.0.1g.orig/ssl/s3_pkt.c
+++ openssl-1.0.1g/ssl/s3_pkt.c
@@ -1055,7 +1055,7 @@ start:
 				{
 				s->rstate=SSL_ST_READ_HEADER;
 				rr->off=0;
-				if (s->mode & SSL_MODE_RELEASE_BUFFERS)
+				if (s->mode & SSL_MODE_RELEASE_BUFFERS && s->s3->rbuf.left == 0)
 					ssl3_release_read_buffer(s);
 				}
 			}
openSUSE Build Service is sponsored by
Places