Fix use-after-free in BIO_C_SET_SSL callback
author Dr. Matthias St. Pierre <matthias.st.pierre@ncp-e.com>
Wed, 6 May 2020 15:24:13 +0000 (17:24 +0200)
committer Dr. Matthias St. Pierre <matthias.st.pierre@ncp-e.com>
Thu, 7 May 2020 17:21:11 +0000 (19:21 +0200)
commit d07e8b0ae66e96cda9c803de36e977fb7dfe941a
tree 41d21490b17a6f068b5115d371fa7fdce345f5a8
parent 184b0f14173fd69120767d86227d1db3a4e60ec0
Fix use-after-free in BIO_C_SET_SSL callback

Since the BIO_SSL structure was renewed by `ssl_free(b)/ssl_new(b)`,
the `bs` pointer needs to be updated before assigning to `bs->ssl`.

Thanks to @suishixingkong for reporting the issue and providing a fix.

Closes #10539

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11746)

(cherry picked from commit 73d6b4efe6835a6c97ce61df6bf339b0903e5b7a)
ssl/bio_ssl.c
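
The stale-pointer pattern the commit message describes, as an added example that is not OpenSSL's code and not part of this commit: a local pointer cached before a free/new cycle must be re-read before it is written through. The `model_*` names and both structs are hypothetical, simplified stand-ins for BIO, BIO_SSL, `ssl_new(b)` and `ssl_free(b)`.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical simplified stand-ins for BIO and BIO_SSL; not OpenSSL's definitions. */
struct model_bio     { void *data; int init; };
struct model_bio_ssl { void *ssl; };

static int model_ssl_new(struct model_bio *b) {
    struct model_bio_ssl *bs = calloc(1, sizeof(*bs));
    if (bs == NULL)
        return 0;
    b->data = bs;
    b->init = 0;
    return 1;
}

static void model_ssl_free(struct model_bio *b) {
    free(b->data);
    b->data = NULL;
    b->init = 0;
}

/* Models a set-SSL control path that renews the per-BIO structure. */
static int model_set_ssl(struct model_bio *b, void *ssl) {
    struct model_bio_ssl *bs = b->data;   /* cached on entry */
    if (bs == NULL)
        return 0;
    if (bs->ssl != NULL) {
        model_ssl_free(b);                /* the cached bs now dangles */
        if (!model_ssl_new(b))
            return 0;
        bs = b->data;                     /* refresh; without it the store below hits freed memory */
    }
    bs->ssl = ssl;
    b->init = 1;
    return 1;
}

static void *model_get_ssl(const struct model_bio *b) {
    const struct model_bio_ssl *bs = b->data;
    return bs != NULL ? bs->ssl : NULL;
}

int main(void) {
    struct model_bio b = { NULL, 0 };
    int first = 1, second = 2;            /* constructed placeholders for session objects */
    if (!model_ssl_new(&b) || !model_set_ssl(&b, &first) || !model_set_ssl(&b, &second))
        return 1;
    printf("attached: %s\n", model_get_ssl(&b) == &second ? "second" : "stale");
    model_ssl_free(&b);
    return 0;
}
```

Building a variant with the refresh line removed under AddressSanitizer (`-fsanitize=address`) reports the write through the freed structure on the second `model_set_ssl` call.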