]> granicus.if.org Git - libevent/commit
projects / libevent / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 474d72a) | patch
be_openssl: avoid leaking of SSL structure
authorAzat Khuzhin <a3at.mail@gmail.com>
Sat, 27 Oct 2018 15:35:08 +0000 (18:35 +0300)
committerAzat Khuzhin <a3at.mail@gmail.com>
Sat, 27 Oct 2018 16:30:11 +0000 (19:30 +0300)
commitacf09c00e2825420cc4ff801518e4ecfe2b31a03
tree8f54d370378ca2c51c259968097b016b20c62568tree | snapshot
parent474d72aeac818198737aa7cb009578c464db11cacommit | diff
be_openssl: avoid leaking of SSL structure

From nmathewson/Libevent#83 by @fancycode:
  There are a few code paths where the passed SSL object is not released in error cases, even if BEV_OPT_CLOSE_ON_FREE is passed as option while for others it is released. That way it's impossible for the caller to know it he has to free it on errors himself or not.

  Line numbers are from "bufferevent_openssl.c" in 911abf3:

  L1414 ("underlying == NULL" passed)
  L1416 (bio could not be created)
  L1446 (different fd passed)
  L1325 (both underlying and fd passed)
  L1328 (out-of-memory)
  L1333 ("bufferevent_init_common_" failed)
  In all error cases after the "bufferevent_ops_openssl" has been assigned, the option is evaluated on "bufferevent_free" (L1399) and the SSL object released (L1226).

Fixes: nmathewson/Libevent#83
bufferevent_openssl.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.