[nginx] SSL: fixed $ssl_session_id possible segfault after 97e37...

Maxim Dounin mdounin at mdounin.ru
Thu Jan 23 14:33:25 UTC 2014


details:   http://hg.nginx.org/nginx/rev/49b1ad48b55c
branches:  
changeset: 5537:49b1ad48b55c
user:      Maxim Dounin <mdounin at mdounin.ru>
date:      Thu Jan 23 18:32:26 2014 +0400
description:
SSL: fixed $ssl_session_id possible segfault after 97e3769637a7.

Even during execution of a request it is possible that there will be
no session available, notably in case of renegotiation.  As a result
logging of $ssl_session_id in some cases caused NULL pointer dereference
after revision 97e3769637a7 (1.5.9).  The check added returns an empty
string if there is no session available.

diffstat:

 src/event/ngx_event_openssl.c |  4 ++++
 1 files changed, 4 insertions(+), 0 deletions(-)

diffs (14 lines):

diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -2508,6 +2508,10 @@ ngx_ssl_get_session_id(ngx_connection_t 
     SSL_SESSION  *sess;
 
     sess = SSL_get0_session(c->ssl->connection);
+    if (sess == NULL) {
+        s->len = 0;
+        return NGX_OK;
+    }
 
     buf = sess->session_id;
     len = sess->session_id_length;



More information about the nginx-devel mailing list