Mercurial > hg > nginx-quic
comparison src/event/ngx_event_openssl.c @ 5537:49b1ad48b55c
SSL: fixed $ssl_session_id possible segfault after 97e3769637a7.
Even during execution of a request it is possible that there will be
no session available, notably in case of renegotiation. As a result
logging of $ssl_session_id in some cases caused NULL pointer dereference
after revision 97e3769637a7 (1.5.9). The check added returns an empty
string if there is no session available.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Thu, 23 Jan 2014 18:32:26 +0400 |
parents | 97e3769637a7 |
children | 7c05f6590753 |
comparison
equal
deleted
inserted
replaced
5536:2a81949cbd7c | 5537:49b1ad48b55c |
---|---|
2506 int len; | 2506 int len; |
2507 u_char *buf; | 2507 u_char *buf; |
2508 SSL_SESSION *sess; | 2508 SSL_SESSION *sess; |
2509 | 2509 |
2510 sess = SSL_get0_session(c->ssl->connection); | 2510 sess = SSL_get0_session(c->ssl->connection); |
2511 if (sess == NULL) { | |
2512 s->len = 0; | |
2513 return NGX_OK; | |
2514 } | |
2511 | 2515 |
2512 buf = sess->session_id; | 2516 buf = sess->session_id; |
2513 len = sess->session_id_length; | 2517 len = sess->session_id_length; |
2514 | 2518 |
2515 s->len = 2 * len; | 2519 s->len = 2 * len; |