[asterisk-commits] twilson: branch 1.6.1 r310995 - /branches/1.6.1/main/tcptls.c
SVN commits to the Asterisk project
asterisk-commits at lists.digium.com
Wed Mar 16 14:36:00 CDT 2011
Author: twilson
Date: Wed Mar 16 14:35:55 2011
New Revision: 310995
URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=310995
Log:
Fix crash on fdopen failure
See security advisory AST-2011-004
(closes issue #18845)
Reported by: cmaj
Patches:
patch-main-tcptls-1.8.3-rc2-open-session-crash-take2.diff.txt uploaded by cmaj (license 830)
patch-main-tcptls-1.8.3-rc2-open-session-crash-take3.diff.txt uploaded by cmaj (license 830)
Tested by: cmaj, twilson
Modified:
branches/1.6.1/main/tcptls.c
Modified: branches/1.6.1/main/tcptls.c
URL: http://svnview.digium.com/svn/asterisk/branches/1.6.1/main/tcptls.c?view=diff&rev=310995&r1=310994&r2=310995
==============================================================================
--- branches/1.6.1/main/tcptls.c (original)
+++ branches/1.6.1/main/tcptls.c Wed Mar 16 14:35:55 2011
@@ -139,8 +139,12 @@
* open a FILE * as appropriate.
*/
if (!tcptls_session->parent->tls_cfg) {
- tcptls_session->f = fdopen(tcptls_session->fd, "w+");
- setvbuf(tcptls_session->f, NULL, _IONBF, 0);
+ if ((tcptls_session->f = fdopen(tcptls_session->fd, "w+"))) {
+ if(setvbuf(tcptls_session->f, NULL, _IONBF, 0)) {
+ fclose(tcptls_session->f);
+ tcptls_session->f = NULL;
+ }
+ }
}
#ifdef DO_SSL
else if ( (tcptls_session->ssl = SSL_new(tcptls_session->parent->tls_cfg->ssl_ctx)) ) {
More information about the asterisk-commits
mailing list