TLS: prevent shutdown loops to get stuck

... by making sure the loops are only allowed to read the shutdown traffic a limited number of times. Reported-by: Harry Sintonen Closes #7271
2021-06-17 10:24:41 +02:00 · 2021-06-17 10:24:41 +02:00 · 720b4a1a43
parent 80e1054fe5
commit 720b4a1a43
3 changed files with 6 additions and 3 deletions
--- a/lib/vtls/gskit.c
+++ b/lib/vtls/gskit.c
@ -1192,6 +1192,7 @@ static int gskit_shutdown(struct Curl_easy *data,
  int what;
  int rc;
  char buf[120];
+  int loop = 10; /* don't get stuck */

  if(!BACKEND->handle)
    return 0;
@ -1206,7 +1207,7 @@ static int gskit_shutdown(struct Curl_easy *data,
  what = SOCKET_READABLE(conn->sock[sockindex],
                         SSL_SHUTDOWN_TIMEOUT);

-  for(;;) {
+  while(loop--) {
    ssize_t nread;

    if(what < 0) {
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@ -1448,6 +1448,7 @@ static int ossl_shutdown(struct Curl_easy *data,
  int err;
  bool done = FALSE;
  struct ssl_backend_data *backend = connssl->backend;
+  int loop = 10;

 #ifndef CURL_DISABLE_FTP
  /* This has only been tested on the proftpd server, and the mod_tls code
@ -1461,7 +1462,7 @@ static int ossl_shutdown(struct Curl_easy *data,

  if(backend->handle) {
    buffsize = (int)sizeof(buf);
-    while(!done) {
+    while(!done && loop--) {
      int what = SOCKET_READABLE(conn->sock[sockindex],
                                 SSL_SHUTDOWN_TIMEOUT);
      if(what > 0) {
--- a/lib/vtls/sectransp.c
+++ b/lib/vtls/sectransp.c
@ -3148,6 +3148,7 @@ static int sectransp_shutdown(struct Curl_easy *data,
  int what;
  int rc;
  char buf[120];
+  int loop = 10; /* avoid getting stuck */

  if(!backend->ssl_ctx)
    return 0;
@ -3163,7 +3164,7 @@ static int sectransp_shutdown(struct Curl_easy *data,

  what = SOCKET_READABLE(conn->sock[sockindex], SSL_SHUTDOWN_TIMEOUT);

-  for(;;) {
+  while(loop--) {
    if(what < 0) {
      /* anything that gets here is fatally bad */
      failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);