lighttpd
/
lighttpd2
2
0
Fork 0
Code Issues Wiki

[gnutls] fix cleanup order (use-after-free)

This commit is contained in:
Stefan Bühler 2013-08-03 09:24:58 +02:00
parent 45aeb29703
commit f3436e69f1
2 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
include/lighttpd/stream.h
View File

@ -87,6 +87,7 @@ LI_API const gchar* li_iostream_event_string(liIOStreamEvent event);
LI_API liIOStream* li_iostream_new(liWorker *wrk, int fd, liIOStreamCB cb, gpointer data);
LI_API void li_iostream_acquire(liIOStream* iostream);
LI_API void li_iostream_release(liIOStream* iostream);
INLINE void li_iostream_safe_release(liIOStream** piostream);
LI_API int li_iostream_reset(liIOStream *iostream); /* returns fd, disconnects everything, stop callbacks, releases one reference */
@ -122,4 +123,11 @@ INLINE void li_stream_safe_reset_and_release(liStream** pstream) {
li_stream_release(stream);
}
INLINE void li_iostream_safe_release(liIOStream** piostream) {
liIOStream *iostream;
if (NULL == piostream || NULL == (iostream = *piostream)) return;
*piostream = NULL;
li_iostream_release(iostream);
}
#endif

9
src/modules/mod_gnutls.c
View File

@ -324,12 +324,6 @@ static void close_cb(liGnuTLSFilter *f, gpointer data) {
li_stream_release(raw_in);
}
if (NULL != conctx->sock_stream) {
liIOStream *stream = conctx->sock_stream;
conctx->sock_stream = NULL;
li_iostream_release(stream);
}
#ifdef USE_SNI
if (NULL != conctx->sni_db_wait) {
li_fetch_cancel(&conctx->sni_db_wait);
@ -355,6 +349,9 @@ static void close_cb(liGnuTLSFilter *f, gpointer data) {
conctx->sni_server_name = NULL;
}
#endif
assert(NULL != conctx->sock_stream);
li_iostream_safe_release(&conctx->sock_stream);
}
static int post_client_hello_cb(liGnuTLSFilter *f, gpointer data) {