public/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix data race between SSL_SESSION_list_add and ssl_session_dup

Browse source 
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24673)
This commit is contained in:
Robert Schulze 2024-06-18 14:43:26 +00:00 committed by Neil Horman
parent 2f0b4974df
commit 79886c85b3
1 changed files with 9 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

10
ssl/ssl_sess.c
View file

@ -139,7 +139,15 @@ static SSL_SESSION *ssl_session_dup_intern(const SSL_SESSION *src, int ticket)
dest = OPENSSL_malloc(sizeof(*dest));
if (dest == NULL)
return NULL;
memcpy(dest, src, sizeof(*dest));
/*
* Copy until prev ptr, because it's a part of sessons cache which can be modified
* concurrently. Other fields filled in the code bellow.
*/
memcpy(dest, src, offsetof(SSL_SESSION, prev));
dest->ext = src->ext;
dest->ticket_appdata_len = src->ticket_appdata_len;
dest->flags = src->flags;
/*
* Set the various pointers to NULL so that we can call SSL_SESSION_free in