public/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Don't decrement the unreleased counter if we failed to release a record

Browse source 
In a failure situation we may incorrectly decrement the amount of data
released. Only decrement the counter if we successfully released.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27091)
This commit is contained in:
Matt Caswell 2025-03-18 12:05:08 +00:00 committed by Tomas Mraz
parent f2488a567b
commit 4ad45969b0
1 changed files with 8 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

19
ssl/quic/quic_tls.c
View file

@ -423,18 +423,15 @@ static int quic_release_record(OSSL_RECORD_LAYER *rl, void *rechandle,
return OSSL_RECORD_RETURN_FATAL;
}
rl->recunreleased -= length;
if (rl->recunreleased > 0)
return OSSL_RECORD_RETURN_SUCCESS;
if (!rl->qtls->args.crypto_release_rcd_cb(rl->recread,
rl->qtls->args.crypto_release_rcd_cb_arg)) {
QUIC_TLS_FATAL(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
return OSSL_RECORD_RETURN_FATAL;
if (rl->recunreleased == length) {
if (!rl->qtls->args.crypto_release_rcd_cb(rl->recread,
rl->qtls->args.crypto_release_rcd_cb_arg)) {
QUIC_TLS_FATAL(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
return OSSL_RECORD_RETURN_FATAL;
}
rl->recread = 0;
}
rl->recread = 0;
rl->recunreleased -= length;
return OSSL_RECORD_RETURN_SUCCESS;
}