[prev in list] [next in list] [prev in thread] [next in thread]
List: apache-cvs
Subject: cvs commit: httpd-2.0/modules/ssl ssl_engine_vars.c
From: jorton () apache ! org
Date: 2004-01-30 13:03:23
Message-ID: 20040130130323.62534.qmail () minotaur ! apache ! org
[Download RAW message or body]
jorton 2004/01/30 05:03:23
Modified: . Tag: APACHE_2_0_BRANCH CHANGES
modules/ssl Tag: APACHE_2_0_BRANCH ssl_engine_vars.c
Log:
* modules/ssl/ssl_engine_vars.c (ssl_var_lookup_ssl): Fix segfault if
SSL_get_session() returns NULL.
PR: 15057
Submitted by: Otmar Lendl <lendl@nic.at>
Reviewed by: Joe Orton, Jeff Trawick, André Malo
Revision Changes Path
No revision
No revision
1.988.2.226 +3 -0 httpd-2.0/CHANGES
Index: CHANGES
===================================================================
RCS file: /home/cvs/httpd-2.0/CHANGES,v
retrieving revision 1.988.2.225
retrieving revision 1.988.2.226
diff -b -d -u -r1.988.2.225 -r1.988.2.226
--- CHANGES 30 Jan 2004 12:58:08 -0000 1.988.2.225
+++ CHANGES 30 Jan 2004 13:03:22 -0000 1.988.2.226
@@ -1,5 +1,8 @@
Changes with Apache 2.0.49
+ *) mod_ssl: Fix potential segfault on lookup of SSL_SESSION_ID.
+ PR 15057. [Otmar Lendl <lendl nic.at>]
+
*) mod_ssl: Fix streaming output from an nph- CGI script. PR 21944
[Joe Orton]
No revision
No revision
1.22.2.6 +6 -4 httpd-2.0/modules/ssl/ssl_engine_vars.c
Index: ssl_engine_vars.c
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_vars.c,v
retrieving revision 1.22.2.5
retrieving revision 1.22.2.6
diff -b -d -u -r1.22.2.5 -r1.22.2.6
--- ssl_engine_vars.c 12 Jan 2004 14:59:17 -0000 1.22.2.5
+++ ssl_engine_vars.c 30 Jan 2004 13:03:23 -0000 1.22.2.6
@@ -281,10 +281,12 @@
else if (ssl != NULL && strcEQ(var, "SESSION_ID")) {
char buf[SSL_SESSION_ID_STRING_LEN];
SSL_SESSION *pSession = SSL_get_session(ssl);
+ if (pSession) {
result = apr_pstrdup(p, SSL_SESSION_id2sz(
SSL_SESSION_get_session_id(pSession),
SSL_SESSION_get_session_id_length(pSession),
buf, sizeof(buf)));
+ }
}
else if (ssl != NULL && strlen(var) >= 6 && strcEQn(var, "CIPHER", 6)) {
result = ssl_var_lookup_ssl_cipher(p, c, var+6);
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic