diff options
author | Michael Kaufmann <mail@michael-kaufmann.ch> | 2021-09-22 12:04:25 +0200 |
---|---|---|
committer | Michael Kaufmann <mail@michael-kaufmann.ch> | 2021-09-24 13:23:42 +0200 |
commit | 60738f398cdd66312bce6ce92a87f19e71feacf4 (patch) | |
tree | 998eba54603342b4d194d44a4709a6bbee9d973e /lib/vtls/vtls.h | |
parent | f4a3ae8ea8dd913ea8c9b5cced5a13c051318816 (diff) | |
download | curl-60738f398cdd66312bce6ce92a87f19e71feacf4.tar.gz |
vtls: Fix a memory leak if an SSL session cannot be added to the cache
On connection shutdown, a new TLS session ticket may arrive after the
SSL session cache has already been destructed. In this case, the new
SSL session cannot be added to the SSL session cache.
The callers of Curl_ssl_addsessionid() need to know whether the SSL
session has been added to the cache. If it has not been added, the
reference counter of the SSL session must not be incremented, or memory
used by the SSL session must be freed. This is now possible with the new
output parameter "added" of Curl_ssl_addsessionid().
Fixes #7683
Closes #7752
Diffstat (limited to 'lib/vtls/vtls.h')
-rw-r--r-- | lib/vtls/vtls.h | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/vtls/vtls.h b/lib/vtls/vtls.h index beaa83d9e..c7bbba082 100644 --- a/lib/vtls/vtls.h +++ b/lib/vtls/vtls.h @@ -261,7 +261,8 @@ CURLcode Curl_ssl_addsessionid(struct Curl_easy *data, const bool isProxy, void *ssl_sessionid, size_t idsize, - int sockindex); + int sockindex, + bool *added); /* Kill a single session ID entry in the cache * Sessionid mutex must be locked (see Curl_ssl_sessionid_lock). * This will call engine-specific curlssl_session_free function, which must |