diff options
author | Todd Short <tshort@akamai.com> | 2017-04-26 14:05:49 -0400 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-06-14 10:38:51 +0100 |
commit | 8ab4fed9bdcc5b8498b3d59d2fa72dd045f63539 (patch) | |
tree | 09d80a30db55902e9b4dc750a1ed0b6258facdfe /doc | |
parent | 819d18f6116e97845ebe453128f3c2a78e42a785 (diff) |
Fix ex_data and session_dup issues
Code was added in commit b3c31a65 that overwrote the last ex_data value
using CRYPTO_dup_ex_data() causing a memory leak, and potentially
confusing the ex_data dup() callback.
In ssl_session_dup(), fix error handling (properly reference and up-ref
shared data) and new-up the ex_data before calling CRYPTO_dup_ex_data();
all other structures that dup ex_data have the destination ex_data new'd
before the dup.
Fix up some of the ex_data documentation.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3625)
Diffstat (limited to 'doc')
-rw-r--r-- | doc/crypto/CRYPTO_get_ex_new_index.pod | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/doc/crypto/CRYPTO_get_ex_new_index.pod b/doc/crypto/CRYPTO_get_ex_new_index.pod index 0853ce588c..a5bf620972 100644 --- a/doc/crypto/CRYPTO_get_ex_new_index.pod +++ b/doc/crypto/CRYPTO_get_ex_new_index.pod @@ -17,8 +17,8 @@ CRYPTO_get_ex_data, CRYPTO_free_ex_data, CRYPTO_new_ex_data CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); - typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); + typedef void CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad, + int idx, long argl, void *argp); typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, long argl, void *argp); typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from, @@ -128,7 +128,8 @@ initially registered via CRYPTO_get_ex_new_index() and can be used if the same callback handles different types of exdata. dup_func() is called when a structure is being copied. This is only done -for B<SSL> and B<SSL_SESSION> objects. The B<to> and B<from> parameters +for B<SSL>, B<SSL_SESSION>, B<EC_KEY> objects and B<BIO> chains via +BIO_dup_chain(). The B<to> and B<from> parameters are pointers to the destination and source B<CRYPTO_EX_DATA> structures, respectively. The B<from_d> parameter needs to be cast to a B<void **pptr> as the API has currently the wrong signature; that will be changed in a |