IntenseWebs/nginx
3
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2024-12-19 05:33:52 -06:00
Code Issues Packages Projects Releases Wiki Activity

SSL: fixed unlocked access to sess_id->len.

Browse Source
This commit is contained in:
Ruslan Ermilov 2018-09-25 14:07:59 +03:00
parent 99e06c69c5
commit a50dec6d6a
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/event/ngx_event_openssl.c
View File

@ -3146,6 +3146,7 @@ ngx_ssl_get_cached_session(ngx_ssl_conn_t *ssl_conn,
const
#endif
u_char *p;
size_t slen;
uint32_t hash;
ngx_int_t rc;
ngx_shm_zone_t *shm_zone;
@ -3201,12 +3202,14 @@ ngx_ssl_get_cached_session(ngx_ssl_conn_t *ssl_conn,
if (rc == 0) {
if (sess_id->expire > ngx_time()) {
ngx_memcpy(buf, sess_id->session, sess_id->len);
slen = sess_id->len;
ngx_memcpy(buf, sess_id->session, slen);
ngx_shmtx_unlock(&shpool->mutex);
p = buf;
sess = d2i_SSL_SESSION(NULL, &p, sess_id->len);
sess = d2i_SSL_SESSION(NULL, &p, slen);
return sess;
}