提交 5fb6f80c 编写于 作者: M Matt Caswell

Fix seg fault in dtls1_new

Reviewed-by: NRichard Levitte <levitte@openssl.org>
上级 cb2ce7ab
......@@ -124,6 +124,10 @@ int dtls1_new(SSL *s)
{
DTLS1_STATE *d1;
if(!DTLS_RECORD_LAYER_new(&s->rlayer)) {
return 0;
}
if (!ssl3_new(s))
return (0);
if ((d1 = OPENSSL_malloc(sizeof *d1)) == NULL) {
......@@ -131,12 +135,6 @@ int dtls1_new(SSL *s)
return (0);
}
memset(d1, 0, sizeof *d1);
if(!DTLS_RECORD_LAYER_new(&s->rlayer)) {
OPENSSL_free(d1);
ssl3_free(s);
return 0;
}
d1->buffered_messages = pqueue_new();
d1->sent_messages = pqueue_new();
......
......@@ -133,8 +133,7 @@ int DTLS_RECORD_LAYER_new(RECORD_LAYER *rl)
rl->d = d;
DTLS_RECORD_LAYER_clear(rl);
d->unprocessed_rcds.q = pqueue_new();
d->processed_rcds.q = pqueue_new();
......
......@@ -145,8 +145,10 @@ void RECORD_LAYER_clear(RECORD_LAYER *rl)
size_t rlen, wlen;
int read_ahead;
SSL *s;
DTLS_RECORD_LAYER *d;
s = rl->s;
d = rl->d;
read_ahead = rl->read_ahead;
rp = SSL3_BUFFER_get_buf(&rl->rbuf);
rlen = SSL3_BUFFER_get_len(&rl->rbuf);
......@@ -165,6 +167,10 @@ void RECORD_LAYER_clear(RECORD_LAYER *rl)
rl->read_ahead = read_ahead;
rl->rstate = SSL_ST_READ_HEADER;
rl->s = s;
rl->d = d;
if(d)
DTLS_RECORD_LAYER_clear(rl);
}
void RECORD_LAYER_release(RECORD_LAYER *rl)
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册