From 7a46d0910f3693f298cd2060069cfd7fb0721b76 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adrien=20B=C3=A9raud?= <adrien.beraud@savoirfairelinux.com>
Date: Wed, 17 Jan 2018 10:27:07 -0500
Subject: [PATCH] TlsSession: prevent SEGFAULT in recvRaw

Set EAGAIN if rxQueue_ is empty to avoid reading
an invalid queue front.

Change-Id: I10790755a32a8fe7f26afea19691aa2ff6fa63be
Reviewed-by: Philippe Gorley <philippe.gorley@savoirfairelinux.com>
---
 src/security/tls_session.cpp | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/security/tls_session.cpp b/src/security/tls_session.cpp
index e1faa6e249..90e9956950 100644
--- a/src/security/tls_session.cpp
+++ b/src/security/tls_session.cpp
@@ -622,6 +622,11 @@ TlsSession::TlsSessionImpl::recvRaw(void* buf, size_t size)
         return -1;
     }
 
+    if (rxQueue_.empty()) {
+        gnutls_transport_set_errno(session_, EAGAIN);
+        return -1;
+    }
+
     const auto& pkt = rxQueue_.front();
     const std::size_t count = std::min(pkt.size(), size);
     std::copy_n(pkt.begin(), count, reinterpret_cast<ValueType*>(buf));
-- 
GitLab