[Asterisk-code-review] main/rtp engine: Fix DTLS double-free introduced by 0b6410c4f8 (asterisk[master])
Matt Jordan
asteriskteam at digium.com
Wed Apr 29 16:31:07 CDT 2015
Matt Jordan has uploaded a new change for review.
https://gerrit.asterisk.org/301
Change subject: main/rtp_engine: Fix DTLS double-free introduced by 0b6410c4f8
......................................................................
main/rtp_engine: Fix DTLS double-free introduced by 0b6410c4f8
The patch in 0b6410c4f8 did correctly fix a memory leak of the DTLS
structures in the RTP engine. However, when a 'core reload' is issued, a
double free of the memory pointed to by the char *'s in the DTLS
configuration struct can occur, as ast_rtp_dtls_cfg_free does not set
the pointers to NULL when they are freed.
This patch sets those pointers to NULL, preventing a second call to
ast_rtp_dtls_cfg_free from corrupting memory.
ASTERISK-25022
Change-Id: I820471e6070a37e3c26f760118c86770e12f6115
---
M main/rtp_engine.c
1 file changed, 5 insertions(+), 0 deletions(-)
git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/01/301/1
diff --git a/main/rtp_engine.c b/main/rtp_engine.c
index 9c9ad4e..aa91b7d 100644
--- a/main/rtp_engine.c
+++ b/main/rtp_engine.c
@@ -1677,10 +1677,15 @@
void ast_rtp_dtls_cfg_free(struct ast_rtp_dtls_cfg *dtls_cfg)
{
ast_free(dtls_cfg->certfile);
+ dtls_cfg->certfile = NULL;
ast_free(dtls_cfg->pvtfile);
+ dtls_cfg->pvtfile = NULL;
ast_free(dtls_cfg->cipher);
+ dtls_cfg->cipher = NULL;
ast_free(dtls_cfg->cafile);
+ dtls_cfg->cafile = NULL;
ast_free(dtls_cfg->capath);
+ dtls_cfg->capath = NULL;
}
/*! \internal
--
To view, visit https://gerrit.asterisk.org/301
To unsubscribe, visit https://gerrit.asterisk.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I820471e6070a37e3c26f760118c86770e12f6115
Gerrit-PatchSet: 1
Gerrit-Project: asterisk
Gerrit-Branch: master
Gerrit-Owner: Matt Jordan <mjordan at digium.com>
More information about the asterisk-code-review
mailing list