Mercurial > hg > nginx
comparison src/event/ngx_event_openssl.c @ 7365:cd4fa2fab8d8
SSL: fixed unlocked access to sess_id->len.
| author | Ruslan Ermilov <ru@nginx.com> |
|---|---|
| date | Tue, 25 Sep 2018 14:07:59 +0300 |
| parents | c09c7d47acb9 |
| children | ed8738b1c7c4 |
comparison
equal
deleted
inserted
replaced
| 7364:5fa22beeaf11 | 7365:cd4fa2fab8d8 |
|---|---|
| 3144 { | 3144 { |
| 3145 #if OPENSSL_VERSION_NUMBER >= 0x0090707fL | 3145 #if OPENSSL_VERSION_NUMBER >= 0x0090707fL |
| 3146 const | 3146 const |
| 3147 #endif | 3147 #endif |
| 3148 u_char *p; | 3148 u_char *p; |
| 3149 size_t slen; | |
| 3149 uint32_t hash; | 3150 uint32_t hash; |
| 3150 ngx_int_t rc; | 3151 ngx_int_t rc; |
| 3151 ngx_shm_zone_t *shm_zone; | 3152 ngx_shm_zone_t *shm_zone; |
| 3152 ngx_slab_pool_t *shpool; | 3153 ngx_slab_pool_t *shpool; |
| 3153 ngx_rbtree_node_t *node, *sentinel; | 3154 ngx_rbtree_node_t *node, *sentinel; |
| 3199 (size_t) len, (size_t) node->data); | 3200 (size_t) len, (size_t) node->data); |
| 3200 | 3201 |
| 3201 if (rc == 0) { | 3202 if (rc == 0) { |
| 3202 | 3203 |
| 3203 if (sess_id->expire > ngx_time()) { | 3204 if (sess_id->expire > ngx_time()) { |
| 3204 ngx_memcpy(buf, sess_id->session, sess_id->len); | 3205 slen = sess_id->len; |
| 3206 | |
| 3207 ngx_memcpy(buf, sess_id->session, slen); | |
| 3205 | 3208 |
| 3206 ngx_shmtx_unlock(&shpool->mutex); | 3209 ngx_shmtx_unlock(&shpool->mutex); |
| 3207 | 3210 |
| 3208 p = buf; | 3211 p = buf; |
| 3209 sess = d2i_SSL_SESSION(NULL, &p, sess_id->len); | 3212 sess = d2i_SSL_SESSION(NULL, &p, slen); |
| 3210 | 3213 |
| 3211 return sess; | 3214 return sess; |
| 3212 } | 3215 } |
| 3213 | 3216 |
| 3214 ngx_queue_remove(&sess_id->queue); | 3217 ngx_queue_remove(&sess_id->queue); |