https://origsvn.digium.com/svn/asterisk/branches/1.6.2
........
r310998 | twilson | 2011-03-16 14:46:36 -0500 (Wed, 16 Mar 2011) | 11 lines
Fix crash on fdopen failure
See security advisory AST-2011-004
(closes issue #18845)
Reported by: cmaj
Patches:
patch-main-tcptls-1.8.3-rc2-open-session-crash-take2.diff.txt uploaded by cmaj (license 830)
patch-main-tcptls-1.8.3-rc2-open-session-crash-take3.diff.txt uploaded by cmaj (license 830)
Tested by: cmaj, twilson
........
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@310999
65c4cc65-6c06-0410-ace0-
fbb531ad65f3
* open a FILE * as appropriate.
*/
if (!tcptls_session->parent->tls_cfg) {
- tcptls_session->f = fdopen(tcptls_session->fd, "w+");
- setvbuf(tcptls_session->f, NULL, _IONBF, 0);
+ if ((tcptls_session->f = fdopen(tcptls_session->fd, "w+"))) {
+ if(setvbuf(tcptls_session->f, NULL, _IONBF, 0)) {
+ fclose(tcptls_session->f);
+ tcptls_session->f = NULL;
+ }
+ }
}
#ifdef DO_SSL
else if ( (tcptls_session->ssl = SSL_new(tcptls_session->parent->tls_cfg->ssl_ctx)) ) {
projects / thirdparty / asterisk.git / commitdiff
