moparisthebest
/
curl
mirror of https://github.com/moparisthebest/curl
1
0
Fork 0
Code Issues Releases Wiki Activity

wolfssl: don't store a NULL sessionid 

This caused a memory leak as the session id cache entry was still
erroneously stored with a NULL sessionid and that would later be treated
as not needed to get freed.

Reported-by: Gisle Vanem
Fixes #6616
Closes #6617
This commit is contained in:
Daniel Stenberg 2021-02-17 14:19:57 +01:00
parent f248a13065
commit bc928be02c
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
1 changed files with 20 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
lib/vtls/wolfssl.c
View File

@ -770,32 +770,32 @@ wolfssl_connect_step3(struct Curl_easy *data, struct connectdata *conn,
if(SSL_SET_OPTION(primary.sessionid)) {
bool incache;
SSL_SESSION *our_ssl_sessionid;
void *old_ssl_sessionid = NULL;
SSL_SESSION *our_ssl_sessionid = SSL_get_session(backend->handle);
our_ssl_sessionid = SSL_get_session(backend->handle);
Curl_ssl_sessionid_lock(data);
incache = !(Curl_ssl_getsessionid(data, conn, &old_ssl_sessionid, NULL,
sockindex));
if(incache) {
if(old_ssl_sessionid != our_ssl_sessionid) {
infof(data, "old SSL session ID is stale, removing\n");
Curl_ssl_delsessionid(data, old_ssl_sessionid);
incache = FALSE;
if(our_ssl_sessionid) {
Curl_ssl_sessionid_lock(data);
incache = !(Curl_ssl_getsessionid(data, conn, &old_ssl_sessionid, NULL,
sockindex));
if(incache) {
if(old_ssl_sessionid != our_ssl_sessionid) {
infof(data, "old SSL session ID is stale, removing\n");
Curl_ssl_delsessionid(data, old_ssl_sessionid);
incache = FALSE;
}
}
}
if(!incache) {
result = Curl_ssl_addsessionid(data, conn, our_ssl_sessionid,
0 /* unknown size */, sockindex);
if(result) {
Curl_ssl_sessionid_unlock(data);
failf(data, "failed to store ssl session");
return result;
if(!incache) {
result = Curl_ssl_addsessionid(data, conn, our_ssl_sessionid,
0 /* unknown size */, sockindex);
if(result) {
Curl_ssl_sessionid_unlock(data);
failf(data, "failed to store ssl session");
return result;
}
}
Curl_ssl_sessionid_unlock(data);
}
Curl_ssl_sessionid_unlock(data);
}
connssl->connecting_state = ssl_connect_done;