stream-ssl: Avoid access-after-free error in update_ssl_config().
authorBen Pfaff <blp@nicira.com>
Wed, 14 Apr 2010 23:02:38 +0000 (16:02 -0700)
committerBen Pfaff <blp@nicira.com>
Wed, 14 Apr 2010 23:02:45 +0000 (16:02 -0700)
Commit b84f503d "stream-ssl: Read existing CA certificate more eagerly
during bootstrap" inadvertently introduced an access-after-free error:

  do_ca_cert_bootstrap() calls
    stream_ssl_set_ca_cert_file(ca_cert.file_name, true), which calls
      update_ssl_config(&ca_cert, file_name), which calls
        free(ca_cert.file_name) then xstrdup(ca_cert.file_name).

Fix the problem.

Reported-by: Cedric Hobbs <cedric@nicira.com>
Reported-by: Peter Balland <peter@nicira.com>
lib/stream-ssl.c

index 153357cd78ea7a27eaa3d0f011455e9cc302cfa8..aeca21ecc0fdd555507ddd749fdf3f9d6ba86118 100644 (file)
@@ -954,9 +954,12 @@ update_ssl_config(struct ssl_config_file *config, const char *file_name)
         return false;
     }
 
+    /* Update 'config'. */
     config->mtime = mtime;
-    free(config->file_name);
-    config->file_name = xstrdup(file_name);
+    if (file_name != config->file_name) {
+        free(config->file_name);
+        config->file_name = xstrdup(file_name);
+    }
     return true;
 }