[hcoop/debian/exim4.git] / debian / patches / 84_02-CVE-2020-28018-Use-after-free-in-tls-openssl.c.patch

From 86cafc842feb6223476568921c2d3e06c706cc31 Mon Sep 17 00:00:00 2001
From: Qualys Security Advisory <qsa@qualys.com>
Date: Sun, 21 Feb 2021 19:05:56 -0800
Subject: [PATCH 02/29] CVE-2020-28018: Use-after-free in tls-openssl.c

---
 src/tls-openssl.c | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/src/tls-openssl.c b/src/tls-openssl.c
index e751edd9a..2a8d4cabd 100644
--- a/src/tls-openssl.c
+++ b/src/tls-openssl.c
@@ -2910,16 +2910,12 @@ a store reset there, so use POOL_PERM. */
 
 if (!ct_ctx && (more || corked))
   {
-#ifdef EXPERIMENTAL_PIPE_CONNECT
   int save_pool = store_pool;
   store_pool = POOL_PERM;
-#endif
 
   corked = string_catn(corked, buff, len);
 
-#ifdef EXPERIMENTAL_PIPE_CONNECT
   store_pool = save_pool;
-#endif
 
   if (more)
     {
-- 
2.30.2
Commit	Line	Data
0c0c20aa AM	1	From 86cafc842feb6223476568921c2d3e06c706cc31 Mon Sep 17 00:00:00 2001
	2	From: Qualys Security Advisory <qsa@qualys.com>
	3	Date: Sun, 21 Feb 2021 19:05:56 -0800
	4	Subject: [PATCH 02/29] CVE-2020-28018: Use-after-free in tls-openssl.c
	5
	6	---
	7	src/tls-openssl.c \| 4 ----
	8	1 file changed, 4 deletions(-)
	9
	10	diff --git a/src/tls-openssl.c b/src/tls-openssl.c
	11	index e751edd9a..2a8d4cabd 100644
	12	--- a/src/tls-openssl.c
	13	+++ b/src/tls-openssl.c
	14	@@ -2910,16 +2910,12 @@ a store reset there, so use POOL_PERM. */
	15
	16	if (!ct_ctx && (more \|\| corked))
	17	{
	18	-#ifdef EXPERIMENTAL_PIPE_CONNECT
	19	int save_pool = store_pool;
	20	store_pool = POOL_PERM;
	21	-#endif
	22
	23	corked = string_catn(corked, buff, len);
	24
	25	-#ifdef EXPERIMENTAL_PIPE_CONNECT
	26	store_pool = save_pool;
	27	-#endif
	28
	29	if (more)
	30	{
	31	--
	32	2.30.2
	33