Fix OpenSSL NULL pointer deference vulnerability.

Obtained from: OpenBSD Security: FreeBSD-SA-14:09.openssl Security: CVE-2014-0198
rpaulo · May 13, 2014 · 43c7f4a · 43c7f4a
1 parent 4ec7183
commit 43c7f4a
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/crypto/openssl/ssl/s3_pkt.c b/crypto/openssl/ssl/s3_pkt.c
@@ -657,6 +657,10 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
 		if (i <= 0)
 			return(i);
 		/* if it went, fall through and send more stuff */
+		/* we may have released our buffer, so get it again */
+		if (wb->buf == NULL)
+			if (!ssl3_setup_write_buffer(s))
+				return -1;
 		}
 
 	if (len == 0 && !create_empty_fragment)