-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
In the course of using OpenSSL for a client application, I would
regularly get a SEGV in the client session caching code under high
load. After some examination, I traced it to SSL_CTX_add_session,
where two data structures (a hash and a list) are not being kept in
sync: when a session is deleted from the hash, it is not
correspondingly deleted from the list, causing that memory to be freed
twice (once as a dangling pointer, of course) when it is finally taken
off the list.
I submit the following patch, which has solved our SEGV problems:
Changed version:
/* Put on the end of the queue unless it is already in the cache */
if (s != NULL)
SSL_SESSION_list_remove(ctx,s);
SSL_SESSION_list_add(ctx,c);
/* If the same session if is being 're-added', Free the old
* one when the last person stops using it.
* This will also work if it is alread in the cache.
* The references will go up and then down :) */
Original version :
/* Put on the end of the queue unless it is already in the cache */
if (s == NULL)
SSL_SESSION_list_add(ctx,c);
/* If the same session if is being 're-added', Free the old
* one when the last person stops using it.
* This will also work if it is alread in the cache.
* The references will go up and then down :) */
Comments?
Kyle
- --
Kyle R. Rose MIT LCS NE43-309, Cambridge, MA
11 Winslow Avenue Apt. 2 617-253-5883
Somerville, MA 02144 [EMAIL PROTECTED]
617-628-0271 http://web.mit.edu/krr/www/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.0 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.1 and Gnu Privacy Guard <http://www.gnupg.org/>
iD8DBQE4X98h66jzSko6g9wRAu5rAJ4iqbTAbCeUZMCyDLdUzvG+N1DOSwCfYNyO
eohtA6TEhw3ujnEhZzPWUUM=
=nPYu
-----END PGP SIGNATURE-----
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
