[ 
https://issues.apache.org/jira/browse/TS-4978?focusedWorklogId=30836&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-30836
 ]

ASF GitHub Bot logged work on TS-4978:
--------------------------------------

                Author: ASF GitHub Bot
            Created on: 18/Oct/16 19:58
            Start Date: 18/Oct/16 19:58
    Worklog Time Spent: 10m 
      Work Description: GitHub user persiaAziz opened a pull request:

    https://github.com/apache/trafficserver/pull/1120

    TS-4978: illegal memory access with ticket_key.filename

    Avoiding illegal memory access by checking the return value of 
readConfigStringAlloc . 

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/persiaAziz/trafficserver TS-4978

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/trafficserver/pull/1120.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #1120
    
----
commit c66b94ab044d851458954a3e14f0fca37d9e8d52
Author: Persia Aziz <per...@yahoo-inc.com>
Date:   2016-10-18T19:53:59Z

    TS-4978: illegal memory access with ticket_key.filename

----


Issue Time Tracking
-------------------

            Worklog Id:     (was: 30836)
            Time Spent: 10m
    Remaining Estimate: 0h

> CID 1364311:  Memory - illegal accesses  (USE_AFTER_FREE) in 
> iocore/net/SSLConfig.cc
> ------------------------------------------------------------------------------------
>
>                 Key: TS-4978
>                 URL: https://issues.apache.org/jira/browse/TS-4978
>             Project: Traffic Server
>          Issue Type: Bug
>          Components: TLS
>            Reporter: Leif Hedstrom
>            Assignee: Syeda Persia Aziz
>             Fix For: 7.1.0
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> I think this is perhaps from TS-4858:
> {code}
> *** CID 1364311:  Memory - illegal accesses  (USE_AFTER_FREE)
> /iocore/net/SSLConfig.cc: 258 in SSLConfigParams::initialize()()
> 252       ats_free(ssl_server_ca_cert_filename);
> 253       ats_free(CACertRelativePath);
> 254     
> 255     #if HAVE_OPENSSL_SESSION_TICKETS
> 256       REC_ReadConfigStringAlloc(ticket_key_filename, 
> "proxy.config.ssl.server.ticket_key.filename");
> 257       if (this->ticket_key_filename != NULL) {
>    CID 1364311:  Memory - illegal accesses  (USE_AFTER_FREE)
>    Passing freed pointer "this->ticket_key_filename" as an argument to 
> "relative_to".
> 258         ats_scoped_str 
> ticket_key_path(Layout::relative_to(this->serverCertPathOnly, 
> this->ticket_key_filename));
> 259         default_global_keyblock = 
> ssl_create_ticket_keyblock(ticket_key_path);
> 260       } else {
> 261         default_global_keyblock = ssl_create_ticket_keyblock(NULL);
> 262       }
> 263     #endif
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to