PR: 1748

Fix nasty SSL BIO pop bug. Since this changes the behaviour of SSL BIOs and will break applications that worked around the bug only included in 1.0.0 and later.
author: Dr. Stephen Henson <steve@openssl.org> 2009-06-25 11:26:45 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2009-06-25 11:26:45 +0000
commit: 0cb76e79df31e8c6ef9dbbfb92330f90243766be (patch)
tree: a80abc7b7875a90de0668b3253bd1795b0022f7c /ssl
parent: 6cb419673e36efdde0731d2d81c2e2c90e4152ff (diff)
download: openssl-new-0cb76e79df31e8c6ef9dbbfb92330f90243766be.tar.gz
1 files changed, 11 insertions, 9 deletions
diff --git a/ssl/bio_ssl.c b/ssl/bio_ssl.c
index da6dfd2262..af319af302 100644
--- a/ssl/bio_ssl.c
+++ b/ssl/bio_ssl.c
@@ -398,17 +398,19 @@ static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr)
 			}
 		break;
 	case BIO_CTRL_POP:
-		/* ugly bit of a hack */
-		if (ssl->rbio != ssl->wbio) /* we are in trouble :-( */
+		/* Only detach if we are the BIO explicitly being popped */
+		if (b == ptr)
 			{
-			BIO_free_all(ssl->wbio);
-			}
-		if (b->next_bio != NULL)
-			{
-			CRYPTO_add(&b->next_bio->references,1,CRYPTO_LOCK_BIO);
+			/* Shouldn't happen in practice because the
+			 * rbio and wbio are the same when pushed.
+			 */
+			if (ssl->rbio != ssl->wbio)
+				BIO_free_all(ssl->wbio);
+			if (b->next_bio != NULL)
+				CRYPTO_add(&b->next_bio->references,-1,CRYPTO_LOCK_BIO);
+			ssl->wbio=NULL;
+			ssl->rbio=NULL;
 			}
-		ssl->wbio=NULL;
-		ssl->rbio=NULL;
 		break;
 	case BIO_C_DO_STATE_MACHINE:
 		BIO_clear_retry_flags(b);
author	Dr. Stephen Henson <steve@openssl.org>	2009-06-25 11:26:45 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2009-06-25 11:26:45 +0000
commit	0cb76e79df31e8c6ef9dbbfb92330f90243766be (patch)
tree	a80abc7b7875a90de0668b3253bd1795b0022f7c /ssl
parent	6cb419673e36efdde0731d2d81c2e2c90e4152ff (diff)
download	openssl-new-0cb76e79df31e8c6ef9dbbfb92330f90243766be.tar.gz