diff options
| author | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2016-12-22 20:17:29 +0100 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2017-01-24 15:07:33 +0100 |
| commit | cb00d4ff17eae9c4e489409f5d12bff76c110be1 (patch) | |
| tree | 7a1f2db8822f74909052bddb362b7d88747182bc | |
| parent | e203f493f6387ab14c3b4d9c1b668e9d199e8ec3 (diff) | |
| download | openssl-new-cb00d4ff17eae9c4e489409f5d12bff76c110be1.tar.gz | |
Fix a ssl session leak due to OOM in lh_SSL_SESSION_insert
- s == NULL can mean c is a new session *or* lh_insert was
unable to create a hash entry.
- use lh_SSL_SESSION_retrieve to check for this error condition.
- If it happens simply remove the extra reference again.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2138)
(cherry picked from commit 38088ce9934a90d4aea486edbff864f3935342e6)
| -rw-r--r-- | ssl/ssl_sess.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index ed9855f90c..c3369a44ae 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -769,6 +769,15 @@ int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c) * obtain the same session from an external cache) */ s = NULL; + } else if (s == NULL && + lh_SSL_SESSION_retrieve(ctx->sessions, c) == NULL) { + /* s == NULL can also mean OOM error in lh_SSL_SESSION_insert ... */ + + /* + * ... so take back the extra reference and also don't add + * the session to the SSL_SESSION_list at this time + */ + s = c; } /* Put at the head of the queue unless it is already in the cache */ |