[asterisk-commits] twilson: branch 1.6.2 r310998 - /branches/1.6.2/main/tcptls.c

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Wed Mar 16 14:46:40 CDT 2011


Author: twilson
Date: Wed Mar 16 14:46:36 2011
New Revision: 310998

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=310998
Log:
Fix crash on fdopen failure

See security advisory AST-2011-004

(closes issue #18845)
Reported by: cmaj
Patches: 
    patch-main-tcptls-1.8.3-rc2-open-session-crash-take2.diff.txt uploaded by cmaj (license 830)
    patch-main-tcptls-1.8.3-rc2-open-session-crash-take3.diff.txt uploaded by cmaj (license 830)
Tested by: cmaj, twilson

Modified:
    branches/1.6.2/main/tcptls.c

Modified: branches/1.6.2/main/tcptls.c
URL: http://svnview.digium.com/svn/asterisk/branches/1.6.2/main/tcptls.c?view=diff&rev=310998&r1=310997&r2=310998
==============================================================================
--- branches/1.6.2/main/tcptls.c (original)
+++ branches/1.6.2/main/tcptls.c Wed Mar 16 14:46:36 2011
@@ -139,8 +139,12 @@
 	* open a FILE * as appropriate.
 	*/
 	if (!tcptls_session->parent->tls_cfg) {
-		tcptls_session->f = fdopen(tcptls_session->fd, "w+");
-		setvbuf(tcptls_session->f, NULL, _IONBF, 0);
+		if ((tcptls_session->f = fdopen(tcptls_session->fd, "w+"))) {
+			if(setvbuf(tcptls_session->f, NULL, _IONBF, 0)) {
+				fclose(tcptls_session->f);
+				tcptls_session->f = NULL;
+			}
+		}
 	}
 #ifdef DO_SSL
 	else if ( (tcptls_session->ssl = SSL_new(tcptls_session->parent->tls_cfg->ssl_ctx)) ) {




More information about the asterisk-commits mailing list