[ovs-git] Open vSwitch: stream-ssl: Avoid access-after-free error in update_ssl_config(). (master)

dev at openvswitch.org dev at openvswitch.org
Wed Apr 14 23:45:22 UTC 2010


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Open vSwitch".

The branch, master has been updated
       via  2b1a27a1f834fd5f02cd1c376769bf5450805983 (commit)
      from  80bc2072c0f8b105142f7f30f202809127af87a5 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 2b1a27a1f834fd5f02cd1c376769bf5450805983
Diffs: http://openvswitch.org/cgi-bin/gitweb.cgi?p=openvswitch;a=commitdiff;h=2b1a27a1f834fd5f02cd1c376769bf5450805983
Author: Ben Pfaff <blp at nicira.com>
		
stream-ssl: Avoid access-after-free error in update_ssl_config().
		
Commit b84f503d "stream-ssl: Read existing CA certificate more eagerly
during bootstrap" inadvertently introduced an access-after-free error:

  do_ca_cert_bootstrap() calls
    stream_ssl_set_ca_cert_file(ca_cert.file_name, true), which calls
      update_ssl_config(&ca_cert, file_name), which calls
        free(ca_cert.file_name) then xstrdup(ca_cert.file_name).

Fix the problem.

Reported-by: Cedric Hobbs <cedric at nicira.com>
Reported-by: Peter Balland <peter at nicira.com>


-----------------------------------------------------------------------

Summary of changes:
 lib/stream-ssl.c |    7 +++++--
 1 files changed, 5 insertions(+), 2 deletions(-)


hooks/post-receive
-- 
Open vSwitch




More information about the git mailing list