Skip to content

M
mongoose
Commit d6259332 authored by Deomid Ryabkov's avatar Deomid Ryabkov Committed by Cesanta Bot
Browse files
Options

Fix use-after-free 

Free keys and cert before conf, not after

PUBLISHED_FROM=5628f56eb6973a779179d641fb425d0f14db39cf
parent 260229a4
Hide whitespace changes
Inline Side-by-side
Showing with 1 addition and 2 deletions
mongoose.c
View file @ d6259332
...@@ -4428,7 +4428,6 @@ static enum mg_ssl_if_result mg_ssl_if_mbed_err(struct mg_connection *nc, ...@@ -4428,7 +4428,6 @@ static enum mg_ssl_if_result mg_ssl_if_mbed_err(struct mg_connection *nc,
static void mg_ssl_if_mbed_free_certs_and_keys(struct mg_ssl_if_ctx *ctx) { static void mg_ssl_if_mbed_free_certs_and_keys(struct mg_ssl_if_ctx *ctx) {
if (ctx->cert != NULL) { if (ctx->cert != NULL) {
ctx->conf->key_cert = NULL;
mbedtls_x509_crt_free(ctx->cert); mbedtls_x509_crt_free(ctx->cert);
MG_FREE(ctx->cert); MG_FREE(ctx->cert);
ctx->cert = NULL; ctx->cert = NULL;
...@@ -4500,11 +4499,11 @@ void mg_ssl_if_conn_free(struct mg_connection *nc) { ...@@ -4500,11 +4499,11 @@ void mg_ssl_if_conn_free(struct mg_connection *nc) {
mbedtls_ssl_free(ctx->ssl); mbedtls_ssl_free(ctx->ssl);
MG_FREE(ctx->ssl); MG_FREE(ctx->ssl);
} }
mg_ssl_if_mbed_free_certs_and_keys(ctx);
if (ctx->conf != NULL) { if (ctx->conf != NULL) {
mbedtls_ssl_config_free(ctx->conf); mbedtls_ssl_config_free(ctx->conf);
MG_FREE(ctx->conf); MG_FREE(ctx->conf);
} }
mg_ssl_if_mbed_free_certs_and_keys(ctx);
memset(ctx, 0, sizeof(*ctx)); memset(ctx, 0, sizeof(*ctx));
MG_FREE(ctx); MG_FREE(ctx);
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment