From 8fffa055139031331f1a069be2554b15b5511bbe Mon Sep 17 00:00:00 2001
From: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>
Date: Tue, 14 Oct 2014 21:47:07 +0900
Subject: [PATCH] src: Fix possible heap-use-after free for OpenSSL global
 locking

This is simply programming error, but it is interesting that using
libstdc++ does not reveal this error.  With clang++-libc++, we got
std::system_error: mutex lock faild: Invalid argument.  This is
because we did not give a name to lock object, so it is immediately
destructed.  I think this will fix the reported crash on Mac OSX.
---
 src/h2load.cc  | 2 +-
 src/nghttpd.cc | 2 +-
 src/shrpx.cc   | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/h2load.cc b/src/h2load.cc
index f60ffeaf..53db71c9 100644
--- a/src/h2load.cc
+++ b/src/h2load.cc
@@ -812,7 +812,7 @@ int main(int argc, char **argv)
   SSL_library_init();
 
 #ifndef NOTHREADS
-  ssl::LibsslGlobalLock();
+  ssl::LibsslGlobalLock lock;
 #endif // NOTHREADS
 
   auto ssl_ctx = SSL_CTX_new(SSLv23_client_method());
diff --git a/src/nghttpd.cc b/src/nghttpd.cc
index a75a23b9..d037615e 100644
--- a/src/nghttpd.cc
+++ b/src/nghttpd.cc
@@ -296,7 +296,7 @@ int main(int argc, char **argv)
   SSL_load_error_strings();
   SSL_library_init();
 #ifndef NOTHREADS
-  ssl::LibsslGlobalLock();
+  ssl::LibsslGlobalLock lock;
 #endif // NOTHREADS
 
   reset_timer();
diff --git a/src/shrpx.cc b/src/shrpx.cc
index 1bb3ea51..65277894 100644
--- a/src/shrpx.cc
+++ b/src/shrpx.cc
@@ -1621,7 +1621,7 @@ int main(int argc, char **argv)
   SSL_load_error_strings();
   SSL_library_init();
 #ifndef NOTHREADS
-  nghttp2::ssl::LibsslGlobalLock();
+  nghttp2::ssl::LibsslGlobalLock lock;
 #endif // NOTHREADS
 
   if(conf_exists(get_config()->conf_path.get())) {