Welcome! Log In Create A New Profile

Advanced

Re: SSL memory bug?

Previous Message Next Message
Forum List Message List New Topic Print View
Maxim Dounin
September 29, 2014 08:18AM
Hello!

On Mon, Sep 29, 2014 at 02:03:08PM +0530, Fasih wrote:

> Hi
>
> I was looking at ngx_event_openssl.c, when I saw this.
>
> if (SSL_CTX_set_ex_data(ssl->ctx, ngx_ssl_certificate_index, x509)
> == 0)
> {
> ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0,
> "SSL_CTX_set_ex_data() failed");
> X509_free(x509);
> BIO_free(bio);
> return NGX_ERROR;
> }
>
> X509_free(x509);
>
>
> We just free the memory that is then used in
>
> ngx_ssl_session_id_context (introduced in 1.6.2). I havent tried to
> repro the error, but looks like a bug to me. PFA a suggested patch.

The SSL_CTX_use_certificate() call will grab a reference to the
certificate, so X509_free() here will not really free the memory.

--
Maxim Dounin
http://nginx.org/

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Reply Quote
RSS
Subject Author Views Posted

SSL memory bug? Attachments

faskiri.devel 819 September 29, 2014 04:34AM

Re: SSL memory bug?

Maxim Dounin 315 September 29, 2014 08:18AM

Re: SSL memory bug?

Fasihullah Askiri 285 September 29, 2014 10:24AM

Re: SSL memory bug?

Maxim Dounin 342 September 29, 2014 12:00PM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 174
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready