[UNDERTOW-2413] CVE-2024-5971 At SslConduit.wrapAndFlip, make sure all the consumed bytes of the multiple wrap calls are accounted for at the returning result.

Signed-off-by: Flavia Rainone <[email protected]>
(cherry picked from commit 74fdf63)

Author: fl4via

core/src/main/java/io/undertow/protocols/ssl/SslConduit.java

@@ -1006,13 +1006,18 @@ private synchronized long doWrap(ByteBuffer[] userBuffers, int off, int len) thr
 
     private SSLEngineResult wrapAndFlip(ByteBuffer[] userBuffers, int off, int len) throws IOException {
         SSLEngineResult result = null;
+        int totalConsumedBytes = 0;
         while (result == null || (result.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NEED_WRAP
                 && result.getStatus() != SSLEngineResult.Status.BUFFER_OVERFLOW && !engine.isInboundDone())) {
             if (userBuffers == null) {
                 result = engine.wrap(EMPTY_BUFFER, wrappedData.getBuffer());
             } else {
                 result = engine.wrap(userBuffers, off, len, wrappedData.getBuffer());
             }
+            totalConsumedBytes += result.bytesConsumed();
+        }
+        if (totalConsumedBytes != result.bytesConsumed()) {
+            result = new SSLEngineResult(result.getStatus(), result.getHandshakeStatus(), totalConsumedBytes, result.bytesProduced());
         }
         wrappedData.getBuffer().flip();
         return result;