diff options
| author | jasper <> | 2010-01-31 21:10:57 +0000 |
|---|---|---|
| committer | jasper <> | 2010-01-31 21:10:57 +0000 |
| commit | 4657a66d1fec85b57a7f7f8b9f650123db7d66a4 (patch) | |
| tree | 04799cdb7abb4a62f1f39a8b5f82d12f816a9636 | |
| parent | a15267709b9e61027bcc70c4facd8fda0fb49426 (diff) | |
| download | openbsd-4657a66d1fec85b57a7f7f8b9f650123db7d66a4.tar.gz openbsd-4657a66d1fec85b57a7f7f8b9f650123db7d66a4.tar.bz2 openbsd-4657a66d1fec85b57a7f7f8b9f650123db7d66a4.zip | |
add a fix from OpenSSL CVS for SA38200.
"Modify compression code so it avoids using ex_data free functions.
This stops applications that call CRYPTO_free_all_ex_data()
prematurely leaking memory."
looks ok to markus@
| -rw-r--r-- | src/lib/libcrypto/comp/c_zlib.c | 17 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/comp/c_zlib.c | 17 |
2 files changed, 14 insertions, 20 deletions
diff --git a/src/lib/libcrypto/comp/c_zlib.c b/src/lib/libcrypto/comp/c_zlib.c index eccfd09137..8df7792c50 100644 --- a/src/lib/libcrypto/comp/c_zlib.c +++ b/src/lib/libcrypto/comp/c_zlib.c | |||
| @@ -136,15 +136,6 @@ struct zlib_state | |||
| 136 | 136 | ||
| 137 | static int zlib_stateful_ex_idx = -1; | 137 | static int zlib_stateful_ex_idx = -1; |
| 138 | 138 | ||
| 139 | static void zlib_stateful_free_ex_data(void *obj, void *item, | ||
| 140 | CRYPTO_EX_DATA *ad, int ind,long argl, void *argp) | ||
| 141 | { | ||
| 142 | struct zlib_state *state = (struct zlib_state *)item; | ||
| 143 | inflateEnd(&state->istream); | ||
| 144 | deflateEnd(&state->ostream); | ||
| 145 | OPENSSL_free(state); | ||
| 146 | } | ||
| 147 | |||
| 148 | static int zlib_stateful_init(COMP_CTX *ctx) | 139 | static int zlib_stateful_init(COMP_CTX *ctx) |
| 149 | { | 140 | { |
| 150 | int err; | 141 | int err; |
| @@ -188,6 +179,12 @@ static int zlib_stateful_init(COMP_CTX *ctx) | |||
| 188 | 179 | ||
| 189 | static void zlib_stateful_finish(COMP_CTX *ctx) | 180 | static void zlib_stateful_finish(COMP_CTX *ctx) |
| 190 | { | 181 | { |
| 182 | struct zlib_state *state = | ||
| 183 | (struct zlib_state *)CRYPTO_get_ex_data(&ctx->ex_data, | ||
| 184 | zlib_stateful_ex_idx); | ||
| 185 | inflateEnd(&state->istream); | ||
| 186 | deflateEnd(&state->ostream); | ||
| 187 | OPENSSL_free(state); | ||
| 191 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_COMP,ctx,&ctx->ex_data); | 188 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_COMP,ctx,&ctx->ex_data); |
| 192 | } | 189 | } |
| 193 | 190 | ||
| @@ -402,7 +399,7 @@ COMP_METHOD *COMP_zlib(void) | |||
| 402 | if (zlib_stateful_ex_idx == -1) | 399 | if (zlib_stateful_ex_idx == -1) |
| 403 | zlib_stateful_ex_idx = | 400 | zlib_stateful_ex_idx = |
| 404 | CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_COMP, | 401 | CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_COMP, |
| 405 | 0,NULL,NULL,NULL,zlib_stateful_free_ex_data); | 402 | 0,NULL,NULL,NULL,NULL); |
| 406 | CRYPTO_w_unlock(CRYPTO_LOCK_COMP); | 403 | CRYPTO_w_unlock(CRYPTO_LOCK_COMP); |
| 407 | if (zlib_stateful_ex_idx == -1) | 404 | if (zlib_stateful_ex_idx == -1) |
| 408 | goto err; | 405 | goto err; |
diff --git a/src/lib/libssl/src/crypto/comp/c_zlib.c b/src/lib/libssl/src/crypto/comp/c_zlib.c index eccfd09137..8df7792c50 100644 --- a/src/lib/libssl/src/crypto/comp/c_zlib.c +++ b/src/lib/libssl/src/crypto/comp/c_zlib.c | |||
| @@ -136,15 +136,6 @@ struct zlib_state | |||
| 136 | 136 | ||
| 137 | static int zlib_stateful_ex_idx = -1; | 137 | static int zlib_stateful_ex_idx = -1; |
| 138 | 138 | ||
| 139 | static void zlib_stateful_free_ex_data(void *obj, void *item, | ||
| 140 | CRYPTO_EX_DATA *ad, int ind,long argl, void *argp) | ||
| 141 | { | ||
| 142 | struct zlib_state *state = (struct zlib_state *)item; | ||
| 143 | inflateEnd(&state->istream); | ||
| 144 | deflateEnd(&state->ostream); | ||
| 145 | OPENSSL_free(state); | ||
| 146 | } | ||
| 147 | |||
| 148 | static int zlib_stateful_init(COMP_CTX *ctx) | 139 | static int zlib_stateful_init(COMP_CTX *ctx) |
| 149 | { | 140 | { |
| 150 | int err; | 141 | int err; |
| @@ -188,6 +179,12 @@ static int zlib_stateful_init(COMP_CTX *ctx) | |||
| 188 | 179 | ||
| 189 | static void zlib_stateful_finish(COMP_CTX *ctx) | 180 | static void zlib_stateful_finish(COMP_CTX *ctx) |
| 190 | { | 181 | { |
| 182 | struct zlib_state *state = | ||
| 183 | (struct zlib_state *)CRYPTO_get_ex_data(&ctx->ex_data, | ||
| 184 | zlib_stateful_ex_idx); | ||
| 185 | inflateEnd(&state->istream); | ||
| 186 | deflateEnd(&state->ostream); | ||
| 187 | OPENSSL_free(state); | ||
| 191 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_COMP,ctx,&ctx->ex_data); | 188 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_COMP,ctx,&ctx->ex_data); |
| 192 | } | 189 | } |
| 193 | 190 | ||
| @@ -402,7 +399,7 @@ COMP_METHOD *COMP_zlib(void) | |||
| 402 | if (zlib_stateful_ex_idx == -1) | 399 | if (zlib_stateful_ex_idx == -1) |
| 403 | zlib_stateful_ex_idx = | 400 | zlib_stateful_ex_idx = |
| 404 | CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_COMP, | 401 | CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_COMP, |
| 405 | 0,NULL,NULL,NULL,zlib_stateful_free_ex_data); | 402 | 0,NULL,NULL,NULL,NULL); |
| 406 | CRYPTO_w_unlock(CRYPTO_LOCK_COMP); | 403 | CRYPTO_w_unlock(CRYPTO_LOCK_COMP); |
| 407 | if (zlib_stateful_ex_idx == -1) | 404 | if (zlib_stateful_ex_idx == -1) |
| 408 | goto err; | 405 | goto err; |