File _service:obs_scm:CVE-2021-41079.patch of Package tomcat

From d4b340fa8feaf55831f9a59350578f7b6ca048b8 Mon Sep 17 00:00:00 2001
From: Mark Thomas <markt@apache.org>
Date: Wed, 3 Mar 2021 12:00:46 +0000
Subject: [PATCH] Improve robustness

---
 .../apache/tomcat/util/net/openssl/LocalStrings.properties  | 1 +
 java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java  | 6 ++++--
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties b/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties
index 1919159..1ab5f43 100644
--- a/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties
+++ b/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties
@@ -52,6 +52,7 @@ engine.nullCipherSuite=Null cipher suite
 engine.unsupportedCipher=Unsupported cipher suite: [{0}] [{1}]
 engine.emptyCipherSuite=Empty cipher suite
 engine.failedCipherSuite=Failed to enable cipher suite [{0}]
+engine.failedToReadAvailableBytes=There are plain text bytes available to read but no bytes were read
 engine.unsupportedProtocol=Protocol [{0}] is not supported
 engine.unverifiedPeer=Peer unverified
 engine.noSession=SSL session ID not available
diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
index 15c6f56..b837fd6 100644
--- a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
+++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
@@ -593,8 +593,10 @@ public final class OpenSSLEngine extends SSLEngine implements SSLUtil.ProtocolIn
                     throw new SSLException(e);
                 }
 
-                if (bytesRead == 0) {
-                    break;
+                if (bytesRead <= 0) {
+                    // This should not be possible. pendingApp is positive
+                    // therefore the read should have read at least one byte.
+                    throw new IllegalStateException(sm.getString("engine.failedToReadAvailableBytes"));
                 }
 
                 bytesProduced += bytesRead;
-- 
2.27.0