apr-dev mailing list archives

From david reid <da...@jetnet.co.uk>
Subject Re: [PATCH] seg fault in apr_ssl_openssl.c
Date Wed, 14 Feb 2007 16:16:04 GMT
Chad Fox wrote:
> In the event that SSL_accept fails, openssl_get_error is called with
> newSock passed as the apr_ssl_socket_t argument.  openssl_get_error
> expects to be able to access the element sslData->ssl of that structure,
> which hasn't been initialized.  This can result in a seg fault if the
> accept fails.  Moving the population of the structure before the
> SSL_accept.

Good catch :-)

> 
> -START PATCH-------------------------------------------------------
> 
> Index: ssl/apr_ssl_openssl.c
> ===================================================================
> --- ssl/apr_ssl_openssl.c       (revision 507043)
> +++ ssl/apr_ssl_openssl.c       (working copy)
> @@ -200,14 +200,15 @@
>          return -1;
>      SSL_set_fd(sslData->ssl, fd);
> 
> +    newSock->pool = pool;
> +    newSock->sslData = sslData;
> +    newSock->factory = oldSock->factory;
> +
>      if ((sslOp = SSL_accept(sslData->ssl)) != 1) {
>          openssl_get_error(newSock, sslOp);
>          return -1;
>      }
> 
> -    newSock->pool = pool;
> -    newSock->sslData = sslData;
> -    newSock->factory = oldSock->factory;
>      return APR_SUCCESS;
>  }
> 
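
Review bot: With the three assignments moved above SSL_accept, the failure branch now returns -1 with newSock->pool, newSock->sslData and newSock->factory still set, so the caller gets back a socket that looks initialized but holds an SSL object whose handshake failed. Either document that newSock must not be used when this function fails, or clear the fields again before `return -1;` once openssl_get_error(newSock, sslOp) has recorded the error. A short comment above the moved block noting that openssl_get_error reads newSock->sslData->ssl would keep a later cleanup from moving the assignments back below the SSL_accept call. Nothing in the visible lines releases sslData->ssl on this path, so it is worth confirming who frees it after a failed accept.
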
> -END PATCH---------------------------------------------------------
> 
> Chad Fox
> chad@gigapogo.com
> 
> 
> 


-- 
david

http://feathercast.org/
