[UNDERTOW-2239] CVE-2023-1108 At SslConduit.wrapAndFlip, do not attem…

…pt to wrap if engine.isInboundDone() Signed-off-by: Flavia Rainone <[email protected]>
undertow-io · Mar 26, 2023 · 1302c8c · 1302c8c
1 parent a511cb5
commit 1302c8c
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/core/src/main/java/io/undertow/protocols/ssl/SslConduit.java b/core/src/main/java/io/undertow/protocols/ssl/SslConduit.java
@@ -999,7 +999,8 @@ private synchronized long doWrap(ByteBuffer[] userBuffers, int off, int len) thr
 
     private SSLEngineResult wrapAndFlip(ByteBuffer[] userBuffers, int off, int len) throws IOException {
         SSLEngineResult result = null;
-        while (result == null || (result.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NEED_WRAP && result.getStatus() != SSLEngineResult.Status.BUFFER_OVERFLOW)) {
+        while (result == null || (result.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NEED_WRAP
+                && result.getStatus() != SSLEngineResult.Status.BUFFER_OVERFLOW && !engine.isInboundDone())) {
             if (userBuffers == null) {
                 result = engine.wrap(EMPTY_BUFFER, wrappedData.getBuffer());
             } else {