diff options
author | Todd Short <tshort@akamai.com> | 2017-04-26 14:05:49 -0400 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2017-06-02 12:11:38 -0400 |
commit | 1ee2125922d3302e3ea738442bf2b051a445cac0 (patch) | |
tree | 0259c6728f45fd4d836777787dbc4aa9ae23e814 /crypto/ex_data.c | |
parent | 01dfaa08b1960049f91485f2e5eec6c6bd03db39 (diff) |
Fix ex_data and session_dup issues
Code was added in commit b3c31a65 that overwrote the last ex_data value
using CRYPTO_dup_ex_data() causing a memory leak, and potentially
confusing the ex_data dup() callback.
In ssl_session_dup(), fix error handling (properly reference and up-ref
shared data) and new-up the ex_data before calling CRYPTO_dup_ex_data();
all other structures that dup ex_data have the destination ex_data new'd
before the dup.
Fix up some of the ex_data documentation.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3323)
Diffstat (limited to 'crypto/ex_data.c')
-rw-r--r-- | crypto/ex_data.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/crypto/ex_data.c b/crypto/ex_data.c index 4a3201a953..22c4d3d9b9 100644 --- a/crypto/ex_data.c +++ b/crypto/ex_data.c @@ -287,7 +287,14 @@ int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to, CRYPTOerr(CRYPTO_F_CRYPTO_DUP_EX_DATA, ERR_R_MALLOC_FAILURE); return 0; } - if (!CRYPTO_set_ex_data(to, mx - 1, NULL)) + /* + * Make sure the ex_data stack is at least |mx| elements long to avoid + * issues in the for loop that follows; so go get the |mx|'th element + * (if it does not exist CRYPTO_get_ex_data() returns NULL), and assign + * to itself. This is normally a no-op; but ensures the stack is the + * proper size + */ + if (!CRYPTO_set_ex_data(to, mx - 1, CRYPTO_get_ex_data(to, mx - 1))) goto err; for (i = 0; i < mx; i++) { |