Fix a ssl session leak due to OOM in lh_SSL_SESSION_insert

- s == NULL can mean c is a new session *or* lh_insert was unable to create a hash entry. - use lh_SSL_SESSION_retrieve to check for this error condition. - If it happens simply remove the extra reference again. Reviewed-by: N Rich Salz <rsalz@openssl.org> Reviewed-by: N Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2138)

Fix a ssl session leak due to OOM in lh_SSL_SESSION_insert
- s == NULL can mean c is a new session *or* lh_insert was unable to create a hash entry. - use lh_SSL_SESSION_retrieve to check for this error condition. - If it happens simply remove the extra reference again. Reviewed-by: N Rich Salz <rsalz@openssl.org> Reviewed-by: N Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2138)
38088ce9 · Bernd Edlinger · Richard Levitte · c2114afc · 38088ce9
隐藏空白更改
内联并排

Showing with 9 addition and 0 deletion

ssl/ssl_sess.c ssl/ssl_sess.c +9 -0

未找到文件。
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -678,6 +678,15 @@ int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
         * obtain the same session from an external cache)
         */
        s = NULL;
+    } else if (s == NULL &&
+               lh_SSL_SESSION_retrieve(ctx->sessions, c) == NULL) {
+        /* s == NULL can also mean OOM error in lh_SSL_SESSION_insert ... */
+
+        /*
+         * ... so take back the extra reference and also don't add
+         * the session to the SSL_SESSION_list at this time
+         */
+        s = c;
    }

    /* Put at the head of the queue unless it is already in the cache */