Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / c3775d28f9be97696e4ded94bf647c0d34cf9f54
commitc3775d28f9be97696e4ded94bf647c0d34cf9f54[log] [tgz]
authorEmmanuel Hocdet <manu@gandi.net>Mon Nov 04 18:19:32 2019 +0100
committerWilliam Lallemand <wlallemand@haproxy.org>Mon Nov 18 14:55:32 2019 +0100
treee33ce26c2e0bb5d5438e07525fe9900179bfc16b
parentf9af9d7f3c0d7906bf51208e8e9a655ebf52b605 [diff]
BUG/MINOR: ssl: ssl_pkey_info_index ex_data can store a dereferenced pointer

With CLI cert update, sni_ctx can be removed at runtime. ssl_pkey_info_index
ex_data is filled with one of sni_ctx.kinfo pointer but SSL_CTX can be shared
between sni_ctx. Remove and free a sni_ctx can lead to a segfault when
ssl_pkey_info_index ex_data is used (in ssl_sock_get_pkey_algo). Removing the
dependency on ssl_pkey_info_index ex_data is the easiest way to fix the issue.
1 file changed
tree: e33ce26c2e0bb5d5438e07525fe9900179bfc16b
  1. .github/
  2. contrib/
  3. doc/
  4. ebtree/
  5. examples/
  6. include/
  7. reg-tests/
  8. scripts/
  9. src/
  10. tests/
  11. .cirrus.yml
  12. .gitignore
  13. .travis.yml
  14. BRANCHES
  15. CHANGELOG
  16. CONTRIBUTING
  17. INSTALL
  18. LICENSE
  19. MAINTAINERS
  20. Makefile
  21. README
  22. ROADMAP
  23. SUBVERS
  24. VERDATE
  25. VERSION