Attached is a fix for a multi-threading issue in the policy cache creation code.
Regards,
Pauli
--
Oracle
Dr Paul Dale | Cryptographer | Network Security & Encryption
Phone +61 7 3031 7217
Oracle Australia
>From 0ab5da60dbea7af41c3b860c1e71851c46346d9b Mon Sep 17 00:00:00 2001
From: Pauli <paul.d...@oracle.com>
Date: Wed, 11 Nov 2015 09:31:44 +1000
Subject: [PATCH] Fix threading issue that at best will leak some memory. The
problem is the checking in policy_cache_set, there is a race condition
between the null check and obtaining the lock. The fix is in
policy_cache_new to detect if the creation has happened already.
---
crypto/x509v3/pcy_cache.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/crypto/x509v3/pcy_cache.c b/crypto/x509v3/pcy_cache.c
index 41a748d..4b40536 100644
--- a/crypto/x509v3/pcy_cache.c
+++ b/crypto/x509v3/pcy_cache.c
@@ -128,6 +128,8 @@ static int policy_cache_new(X509 *x)
CERTIFICATEPOLICIES *ext_cpols = NULL;
POLICY_MAPPINGS *ext_pmaps = NULL;
int i;
+ if (x->policy_cache != NULL)
+ return 1;
cache = OPENSSL_malloc(sizeof(*cache));
if (!cache)
return 0;
--
1.9.1
_______________________________________________
openssl-bugs-mod mailing list
openssl-bugs-...@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod
_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
