apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Philip Martin <philip.mar...@wandisco.com>
Subject PATCH apr_crypto_get_driver should not return pointer to stack memory
Date Thu, 21 Aug 2014 15:13:38 GMT
If apr_crypto_get_driver fails the returned error contains a pointer to
a stack buffer and any access to it by the caller is undefined
behaviour. Patch against trunk (also applies to 1.5 and 1.4):
 
* crypto/apr_crypto.c
  (apr_crypto_get_driver): Allocate error data from pool.

Index: crypto/apr_crypto.c
===================================================================
--- crypto/apr_crypto.c	(revision 1619404)
+++ crypto/apr_crypto.c	(working copy)
@@ -198,7 +198,7 @@ APR_DECLARE(apr_status_t) apr_crypto_get_driver(
         if (err && buffer) {
             apr_dso_error(dso, buffer, ERROR_SIZE - 1);
             err->msg = buffer;
-            err->reason = modname;
+            err->reason = apr_pstrdup(pool, modname);
             *result = err;
         }
     }

-- 
Philip Martin | Subversion Committer
WANdisco // *Non-Stop Data*

Mime
View raw message