Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Done
Priority: Major - P3
Fix Version/s: 2.6.9, 3.0.3, 3.1.2
Affects Version/s: None
Component/s: Networking, Security
Labels:
- 32qa

Backwards Compatibility:
Fully Compatible
Operating System:
ALL
Backport Completed:

2.6.10, 3.0.3
Sprint:
Security 2 04/24/15
Confidence Status:
None
Work Order:
3

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name:
None
Goal Link:
None

Environment:
db version v3.1.1-pre-
git version: 5e7aa5c9efdea28cc82ff8d0ea0e3a76cf5c94f8
OpenSSL version: OpenSSL 1.0.1m-fips 19 Mar 2015

Scenario:
Low bit corruption with SSL enabled

Problem:

Memory allocated in here

SSLConnection* sslConn = new SSLConnection(_serverContext, socket, initialBytes, len);

Memory has not been released during the error handler _handleSSLError()

consider replacing the sslconnection w/ auto release pointer

 
* socket, const char* initialBytes, int len) {
        SSLConnection* sslConn = new SSLConnection(_serverContext, socket, initialBytes, len);
        ScopeGuard sslGuard = MakeGuard(::SSL_free, sslConn->ssl);
        ScopeGuard bioGuard = MakeGuard(::BIO_free, sslConn->networkBIO);
 
        int ret;
        do {
            ret = ::SSL_accept(sslConn->ssl);
        } while(!_doneWithSSLOp(sslConn, ret));
 
        if (ret != 1)
            _handleSSLError(SSL_get_error(sslConn, ret), ret);
 
        sslGuard.Dismiss();
        bioGuard.Dismiss();

Assignee:: Robert Guo (Inactive)
Reporter:: Eitan Klein (Inactive)
Participants:: Eitan Klein, Githook User, Robert Guo
Votes:: 0 Vote for this issue
Watchers:: 4 Start watching this issue

Created:: Apr 01 2015 07:27:12 AM UTC
Updated:: Sep 19 2015 12:28:44 AM UTC
Resolved:: Apr 13 2015 06:19:09 PM UTC

Details

Description

Attachments

Activity

People

Dates