mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-02-23 14:42:15 +08:00
Code Issues Packages Projects Releases Wiki Activity

Avoid memory hole when we don't like the session proposed by the client

Browse Source
This commit is contained in:
Bodo Möller 1999-05-23 10:43:46 +00:00
parent 0dc42a1e74
commit 9a193d8825
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
ssl/ssl_sess.c
View File

@ -188,7 +188,6 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
/* This is used only by servers. */ /* This is used only by servers. */
SSL_SESSION *ret=NULL,data; SSL_SESSION *ret=NULL,data;
int copy=1;
/* conn_init();*/ /* conn_init();*/
data.ssl_version=s->version; data.ssl_version=s->version;
@ -206,6 +205,8 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
if (ret == NULL) if (ret == NULL)
{ {
int copy=1;
s->ctx->stats.sess_miss++; s->ctx->stats.sess_miss++;
ret=NULL; ret=NULL;
if (s->ctx->get_session_cb != NULL if (s->ctx->get_session_cb != NULL
@ -217,6 +218,9 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
/* The following should not return 1, otherwise, /* The following should not return 1, otherwise,
* things are very strange */ * things are very strange */
SSL_CTX_add_session(s->ctx,ret); SSL_CTX_add_session(s->ctx,ret);
/* auto free it (decrement reference count now) */
if (!copy)
SSL_SESSION_free(ret);
} }
if (ret == NULL) return(0); if (ret == NULL) return(0);
} }
@ -233,10 +237,6 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
return 0; return 0;
} }
/* auto free it */
if (!copy)
SSL_SESSION_free(ret);
if (ret->cipher == NULL) if (ret->cipher == NULL)
{ {
unsigned char buf[5],*p; unsigned char buf[5],*p;