mirror of
https://github.com/openssl/openssl.git
synced 2025-03-31 20:10:45 +08:00
074a6e86e6
With KTLS, writes to an SSL connection store the application buffer pointer directly in the 'buf' member instead of allocating a separate buffer to hold the encrypted data. As a result, ssl3_release_write_buffer() has to avoid freeing these 'buf' pointers. Previously, ssl3_release_write_buffer() checked for KTLS being enabled on the write BIO to determine if a buffer should be freed. However, a buffer can outlive a BIO. For example, 'openssl s_time' creates new write BIOs when reusing sessions. Since the new BIO did not have KTLS enabled at the start of a connection, ssl3_release_write_buffer() would incorrectly try to free the 'buf' pointer from the previous KTLS connection. To fix, track the state of 'buf' explicitly in SSL3_BUFFER to determine if the 'buf' should be freed or simply cleared. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10489)