Details
Description
Environment:
db version v3.1.1-pre-
git version: 5e7aa5c9efdea28cc82ff8d0ea0e3a76cf5c94f8
OpenSSL version: OpenSSL 1.0.1m-fips 19 Mar 2015
Scenario:
Low bit corruption with SSL enabled
Problem:
- Memory allocated in here
- SSLConnection* sslConn = new SSLConnection(_serverContext, socket, initialBytes, len);
- Memory has not been released during the error handler _handleSSLError()
consider replacing the sslconnection w/ auto release pointer
|
* socket, const char* initialBytes, int len) {
|
SSLConnection* sslConn = new SSLConnection(_serverContext, socket, initialBytes, len);
|
ScopeGuard sslGuard = MakeGuard(::SSL_free, sslConn->ssl);
|
ScopeGuard bioGuard = MakeGuard(::BIO_free, sslConn->networkBIO);
|
|
int ret;
|
do {
|
ret = ::SSL_accept(sslConn->ssl);
|
} while(!_doneWithSSLOp(sslConn, ret));
|
|
if (ret != 1)
|
_handleSSLError(SSL_get_error(sslConn, ret), ret);
|
|
sslGuard.Dismiss();
|
bioGuard.Dismiss();
|