From 9c8922acadb5187c274250d6cde653b7bad2559e Mon Sep 17 00:00:00 2001 From: Aman Gupta Date: Mon, 13 Nov 2017 15:02:44 -0600 Subject: [PATCH] This fixes a deadlock while reading a chunked https response, if multiple_requests=1 is also set. Without an EOF to signal the end of the last chunk, tls_read gets stuck forever trying to read more data than is available. This occurs with the http protocol reproducibly, because http.c always reads 4kb at a time, and the last chunk of an http response is often much smaller. After this commit, tls_read always returns any buffered plaintext first before attempting to read more encrypted data off the underlying tcp socket. Signed-off-by: Rodger Combs --- libavformat/tls_securetransport.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/libavformat/tls_securetransport.c b/libavformat/tls_securetransport.c index dc32eb1fa8..37380541b1 100644 --- a/libavformat/tls_securetransport.c +++ b/libavformat/tls_securetransport.c @@ -364,8 +364,12 @@ static int map_ssl_error(OSStatus status, size_t processed) static int tls_read(URLContext *h, uint8_t *buf, int size) { TLSContext *c = h->priv_data; - size_t processed = 0; - int ret = SSLRead(c->ssl_context, buf, size, &processed); + size_t available = 0, processed = 0; + int ret; + SSLGetBufferedReadSize(c->ssl_context, &available); + if (available) + size = FFMIN(available, size); + ret = SSLRead(c->ssl_context, buf, size, &processed); ret = map_ssl_error(ret, processed); if (ret > 0) return ret;