commit | 7861c4d764ae8989346b9e3e3382dfd0c0a92c99 | [log] [tgz] |
---|---|---|
author | Maxim Dounin <mdounin@mdounin.ru> | Tue Aug 22 17:36:12 2017 +0300 |
committer | Maxim Dounin <mdounin@mdounin.ru> | Tue Aug 22 17:36:12 2017 +0300 |
tree | 72a91d2bcff58902adcfb7ab344225ec33d6bef5 | |
parent | 6bc115f83bd2d6593efca4adccd6655cd3b2e7cd [diff] |
SSL: fixed possible use-after-free in $ssl_server_name. The $ssl_server_name variable used SSL_get_servername() result directly, but this is not safe: it references a memory allocation in an SSL session, and this memory might be freed at any time due to renegotiation. Instead, copy the name to memory allocated from the pool.