From: Terry Wilson <twilson@digium.com>
Date: Wed, 16 Mar 2011 19:35:55 +0000 (+0000)
Subject: Fix crash on fdopen failure
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b9b9d4da4d1ce9e2cf8886a92eb0ce0eaa7e242e;p=thirdparty%2Fasterisk.git

Fix crash on fdopen failure

See security advisory AST-2011-004

(closes issue #18845)
Reported by: cmaj
Patches:
      patch-main-tcptls-1.8.3-rc2-open-session-crash-take2.diff.txt uploaded by cmaj (license 830)
      patch-main-tcptls-1.8.3-rc2-open-session-crash-take3.diff.txt uploaded by cmaj (license 830)
Tested by: cmaj, twilson


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.6.1@310995 65c4cc65-6c06-0410-ace0-fbb531ad65f3
---

diff --git a/main/tcptls.c b/main/tcptls.c
index 6039761a55..81d8e5d5ef 100644
--- a/main/tcptls.c
+++ b/main/tcptls.c
@@ -139,8 +139,12 @@ static void *handle_tcptls_connection(void *data)
 	* open a FILE * as appropriate.
 	*/
 	if (!tcptls_session->parent->tls_cfg) {
-		tcptls_session->f = fdopen(tcptls_session->fd, "w+");
-		setvbuf(tcptls_session->f, NULL, _IONBF, 0);
+		if ((tcptls_session->f = fdopen(tcptls_session->fd, "w+"))) {
+			if(setvbuf(tcptls_session->f, NULL, _IONBF, 0)) {
+				fclose(tcptls_session->f);
+				tcptls_session->f = NULL;
+			}
+		}
 	}
 #ifdef DO_SSL
 	else if ( (tcptls_session->ssl = SSL_new(tcptls_session->parent->tls_cfg->ssl_ctx)) ) {