walkero
/
nghttp2
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

src: Fix possible heap-use-after free for OpenSSL global locking 

This is simply programming error, but it is interesting that using
libstdc++ does not reveal this error.  With clang++-libc++, we got
std::system_error: mutex lock faild: Invalid argument.  This is
because we did not give a name to lock object, so it is immediately
destructed.  I think this will fix the reported crash on Mac OSX.
This commit is contained in:
Tatsuhiro Tsujikawa 2014-10-14 21:47:07 +09:00
parent 0d4120ce2c
commit 8fffa05513
3 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/h2load.cc
View File

@ -812,7 +812,7 @@ int main(int argc, char **argv)
SSL_library_init();
#ifndef NOTHREADS
ssl::LibsslGlobalLock();
ssl::LibsslGlobalLock lock;
#endif // NOTHREADS
auto ssl_ctx = SSL_CTX_new(SSLv23_client_method());

2
src/nghttpd.cc
View File

@ -296,7 +296,7 @@ int main(int argc, char **argv)
SSL_load_error_strings();
SSL_library_init();
#ifndef NOTHREADS
ssl::LibsslGlobalLock();
ssl::LibsslGlobalLock lock;
#endif // NOTHREADS
reset_timer();

2
src/shrpx.cc
View File

@ -1621,7 +1621,7 @@ int main(int argc, char **argv)
SSL_load_error_strings();
SSL_library_init();
#ifndef NOTHREADS
nghttp2::ssl::LibsslGlobalLock();
nghttp2::ssl::LibsslGlobalLock lock;
#endif // NOTHREADS
if(conf_exists(get_config()->conf_path.get())) {