Mercurial > hg > nginx

changeset 5567:5a38f9609d85 stable-1.4

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
SSL: fixed $ssl_session_id possible segfault after 97e3769637a7. Even during execution of a request it is possible that there will be no session available, notably in case of renegotiation. As a result logging of $ssl_session_id in some cases caused NULL pointer dereference after revision 97e3769637a7 (1.5.9). The check added returns an empty string if there is no session available.
author Maxim Dounin <mdounin@mdounin.ru>
date Thu, 23 Jan 2014 18:32:26 +0400
parents 70f4d99ded41
children 560de9681661
files src/event/ngx_event_openssl.c
diffstat 1 files changed, 4 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -2233,6 +2233,10 @@ ngx_ssl_get_session_id(ngx_connection_t 
     SSL_SESSION  *sess;
 
     sess = SSL_get0_session(c->ssl->connection);
+    if (sess == NULL) {
+        s->len = 0;
+        return NGX_OK;
+    }
 
     buf = sess->session_id;
     len = sess->session_id_length;