SSL memory bug?
Maxim Dounin
mdounin at mdounin.ru
Mon Sep 29 12:17:50 UTC 2014
Hello!
On Mon, Sep 29, 2014 at 02:03:08PM +0530, Fasih wrote:
> Hi
>
> I was looking at ngx_event_openssl.c, when I saw this.
>
> if (SSL_CTX_set_ex_data(ssl->ctx, ngx_ssl_certificate_index, x509)
> == 0)
> {
> ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0,
> "SSL_CTX_set_ex_data() failed");
> X509_free(x509);
> BIO_free(bio);
> return NGX_ERROR;
> }
>
> X509_free(x509);
>
>
> We just free the memory that is then used in
>
> ngx_ssl_session_id_context (introduced in 1.6.2). I havent tried to
> repro the error, but looks like a bug to me. PFA a suggested patch.
The SSL_CTX_use_certificate() call will grab a reference to the
certificate, so X509_free() here will not really free the memory.
--
Maxim Dounin
http://nginx.org/
More information about the nginx-devel
mailing list