New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix possible IOOBE when calling ReferenceCountedSslEngine.unwrap(...)… #6236

Closed
wants to merge 1 commit into
base: 4.1
from

Conversation

Projects
None yet
2 participants
@normanmaurer
Member

normanmaurer commented Jan 18, 2017

… with heap buffers.

Motivation:

fc3c9c9 introduced a bug which will have ReferenceCountedSslEngine.unwrap(...) produce an IOOBE when be called with an BŷteBuffer as src that contains multiple SSLRecords and has a position != 0.

Modification:

  • Correctly set the limit on the ByteBuffer and so fix the IOOBE.
  • Add test-case to verify the fix

Result:

Correctly handle heap buffers as well.

Fix possible IOOBE when calling ReferenceCountedSslEngine.unwrap(...)…
… with heap buffers.

Motivation:

fc3c9c9 introduced a bug which will have ReferenceCountedSslEngine.unwrap(...) produce an IOOBE when be called with an BŷteBuffer as src that contains multiple SSLRecords and has a position != 0.

Modification:

- Correctly set the limit on the ByteBuffer and so fix the IOOBE.
- Add test-case to verify the fix

Result:

Correctly handle heap buffers as well.
@normanmaurer

This comment has been minimized.

Show comment
Hide comment
@normanmaurer

normanmaurer Jan 19, 2017

Member

Cherry-picked into 4.1 (8215017) and 4.0 (f88073f)

Member

normanmaurer commented Jan 19, 2017

Cherry-picked into 4.1 (8215017) and 4.0 (f88073f)

@Scottmitch Scottmitch deleted the ssl_heap branch Jan 19, 2017

@Scottmitch

This comment has been minimized.

Show comment
Hide comment
@Scottmitch

Scottmitch Jan 19, 2017

Member

(branch deleted)

Member

Scottmitch commented Jan 19, 2017

(branch deleted)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment