https://bz.apache.org/bugzilla/show_bug.cgi?id=57694
Bug ID: 57694
Summary: Crash using SSL certificate with pathlen constraint due to free()
Product: Apache httpd-2
Version: 2.4.7
Hardware: PC
Status: NEW
Severity: normal
Priority: P2
Component: mod_ssl
Assignee: [email protected]
Reporter: [email protected]
Created attachment 32562
--> https://bz.apache.org/bugzilla/attachment.cgi?id=32562&action=edit
Reproduction certificate
mod_ssl calls free() instead of OPENSSL_free() on the result of BN_bn2dec()
when reading the pathlen of a certificate's basic constraints. This is in the
SSL_X509_getBC() function of ssl_util_ssl.c. At least on Windows, this crashes
when mod_ssl and OpenSSL are built against different C run-times.
Steps to Reproduce:
1) Configure httpd to use an SSL certificate with the basicConstraints
extension containing a pathlen (sample cert attached).
2) Start the server.
Actual Results:
The server crashed.
Expected Results:
The server starts, using the configured certificate.
Build Date & Hardware:
64-bit Windows build of httpd/mod_ssl 2.4.7 using msvc 11.0
and OpenSSL 1.0.1 built with msvc 9.0
Additional Builds and Platforms:
I have verified that free() is still used in trunk.
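The allocator mismatch described in the report, as an added example in portable C that is not mod_ssl or OpenSSL code: it models two C run-time heaps and shows why a buffer must be released by the module that allocated it. The names heap_t, model_bn2dec, model_openssl_free, model_app_free and read_pathlen are hypothetical, and the ownership check is an assumption of the model; a real CRT does not detect the foreign pointer.

```c
#include <stdio.h>
#include <stdlib.h>

/* Model of a C run-time heap; every block records which heap owns it. */
typedef struct heap { size_t live; } heap_t;
typedef struct hdr { heap_t *owner; } hdr_t;
static heap_t lib_crt, app_crt;  /* OpenSSL-side heap, mod_ssl-side heap */

static void *heap_alloc(heap_t *h, size_t n) {
    hdr_t *b = malloc(sizeof *b + n);
    if (!b) return NULL;
    b->owner = h;
    h->live++;
    return b + 1;
}

/* Returns 0 on success, -1 when the block belongs to another heap. A real
 * CRT has no such check: it corrupts its heap or crashes, as in the report. */
static int heap_free(heap_t *h, void *p) {
    hdr_t *b = (hdr_t *)p - 1;
    if (b->owner != h) return -1;
    h->live--;
    free(b);
    return 0;
}

/* Stand-in for BN_bn2dec(): the string is allocated on the library's heap. */
static char *model_bn2dec(long v) {
    char *s = heap_alloc(&lib_crt, 24);
    if (s) snprintf(s, 24, "%ld", v);
    return s;
}
/* Stand-ins for OPENSSL_free() (library heap) and free() (application heap). */
static int model_openssl_free(void *p) { return heap_free(&lib_crt, p); }
static int model_app_free(void *p) { return heap_free(&app_crt, p); }

/* Formats and parses a pathlen, then releases the buffer one of two ways. */
static int read_pathlen(long pathlen, int use_library_free, long *out) {
    char *s = model_bn2dec(pathlen);
    if (!s) return -1;
    *out = atol(s);
    if (use_library_free) return model_openssl_free(s);
    if (model_app_free(s) == 0) return 0;
    model_openssl_free(s);  /* release properly so the model does not leak */
    return -1;              /* mismatch: where the real server crashes */
}
int main(void) {
    long v = 0;
    printf("%d %d\n", read_pathlen(3, 1, &v), read_pathlen(3, 0, &v));
    return 0;
}
```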