Skip to content
Commit b8d24395 authored by Matt Caswell's avatar Matt Caswell
Browse files

Fix a hang with SSL_peek()



If while calling SSL_peek() we read an empty record then we go into an
infinite loop, continually trying to read data from the empty record and
never making any progress. This could be exploited by a malicious peer in
a Denial Of Service attack.

CVE-2016-6305

GitHub Issue #1563

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
parent c31dbed7
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment