|
|
bf760f |
diff -up openssl-3.0.1/apps/s_server.c.handle-records openssl-3.0.1/apps/s_server.c
|
|
|
bf760f |
--- openssl-3.0.1/apps/s_server.c.handle-records 2022-02-03 15:26:16.803434943 +0100
|
|
|
bf760f |
+++ openssl-3.0.1/apps/s_server.c 2022-02-03 15:34:33.358298697 +0100
|
|
|
bf760f |
@@ -2982,7 +2982,9 @@ static int www_body(int s, int stype, in
|
|
|
bf760f |
/* Set width for a select call if needed */
|
|
|
bf760f |
width = s + 1;
|
|
|
bf760f |
|
|
|
bf760f |
- buf = app_malloc(bufsize, "server www buffer");
|
|
|
bf760f |
+ /* as we use BIO_gets(), and it always null terminates data, we need
|
|
|
bf760f |
+ * to allocate 1 byte longer buffer to fit the full 2^14 byte record */
|
|
|
bf760f |
+ buf = app_malloc(bufsize + 1, "server www buffer");
|
|
|
bf760f |
io = BIO_new(BIO_f_buffer());
|
|
|
bf760f |
ssl_bio = BIO_new(BIO_f_ssl());
|
|
|
bf760f |
if ((io == NULL) || (ssl_bio == NULL))
|
|
|
bf760f |
@@ -3047,7 +3049,7 @@ static int www_body(int s, int stype, in
|
|
|
bf760f |
}
|
|
|
bf760f |
|
|
|
bf760f |
for (;;) {
|
|
|
bf760f |
- i = BIO_gets(io, buf, bufsize - 1);
|
|
|
bf760f |
+ i = BIO_gets(io, buf, bufsize + 1);
|
|
|
bf760f |
if (i < 0) { /* error */
|
|
|
bf760f |
if (!BIO_should_retry(io) && !SSL_waiting_for_async(con)) {
|
|
|
bf760f |
if (!s_quiet)
|
|
|
bf760f |
@@ -3112,7 +3114,7 @@ static int www_body(int s, int stype, in
|
|
|
bf760f |
* we're expecting to come from the client. If they haven't
|
|
|
bf760f |
* sent one there's not much we can do.
|
|
|
bf760f |
*/
|
|
|
bf760f |
- BIO_gets(io, buf, bufsize - 1);
|
|
|
bf760f |
+ BIO_gets(io, buf, bufsize + 1);
|
|
|
bf760f |
}
|
|
|
bf760f |
|
|
|
bf760f |
BIO_puts(io,
|
|
|
bf760f |
@@ -3401,7 +3403,9 @@ static int rev_body(int s, int stype, in
|
|
|
bf760f |
SSL *con;
|
|
|
bf760f |
BIO *io, *ssl_bio, *sbio;
|
|
|
bf760f |
|
|
|
bf760f |
- buf = app_malloc(bufsize, "server rev buffer");
|
|
|
bf760f |
+ /* as we use BIO_gets(), and it always null terminates data, we need
|
|
|
bf760f |
+ * to allocate 1 byte longer buffer to fit the full 2^14 byte record */
|
|
|
bf760f |
+ buf = app_malloc(bufsize + 1, "server rev buffer");
|
|
|
bf760f |
io = BIO_new(BIO_f_buffer());
|
|
|
bf760f |
ssl_bio = BIO_new(BIO_f_ssl());
|
|
|
bf760f |
if ((io == NULL) || (ssl_bio == NULL))
|
|
|
bf760f |
@@ -3476,7 +3480,7 @@ static int rev_body(int s, int stype, in
|
|
|
bf760f |
print_ssl_summary(con);
|
|
|
bf760f |
|
|
|
bf760f |
for (;;) {
|
|
|
bf760f |
- i = BIO_gets(io, buf, bufsize - 1);
|
|
|
bf760f |
+ i = BIO_gets(io, buf, bufsize + 1);
|
|
|
bf760f |
if (i < 0) { /* error */
|
|
|
bf760f |
if (!BIO_should_retry(io)) {
|
|
|
bf760f |
if (!s_quiet)
|