authorAlexey Melnikov <alexey.melnikov@isode.com>2017-06-19 12:01:54 (GMT)
committerAlexey Melnikov <alexey.melnikov@isode.com>2017-06-19 13:22:51 (GMT)
commitb807e3fa975cf25e5e901b59643419a5a73a12fe (patch)
treebe442c5e7fe96122c8c8324d8266085aa95c6524 /Swiften
parentb8c1d6fb59bd4ae528d807fc30b02dab45aafabf (diff)
Don't crash when SSL_new fails
NULL pointer dereference was happening in OpenSSL code (inside SSL_set_bio) when SSL_new returned NULL due to lack of Isode HGE license. Change-Id: Iebd78be7eb6c7978de0bff225915dc393a516f08
Diffstat (limited to 'Swiften')
-rw-r--r--Swiften/TLS/OpenSSL/OpenSSLContext.cpp6
1 files changed, 6 insertions, 0 deletions
diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
index cd6b6bc..0805917 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
+++ b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
@@ -94,60 +94,66 @@ OpenSSLContext::OpenSSLContext() : state_(Start), context_(0), handle_(0), readB
}
}
CFRelease(anchorCertificates);
}
#endif
}
OpenSSLContext::~OpenSSLContext() {
SSL_free(handle_);
SSL_CTX_free(context_);
}
void OpenSSLContext::ensureLibraryInitialized() {
static bool isLibraryInitialized = false;
if (!isLibraryInitialized) {
SSL_load_error_strings();
SSL_library_init();
OpenSSL_add_all_algorithms();
// Disable compression
/*
STACK_OF(SSL_COMP)* compressionMethods = SSL_COMP_get_compression_methods();
sk_SSL_COMP_zero(compressionMethods);*/
isLibraryInitialized = true;
}
}
void OpenSSLContext::connect() {
handle_ = SSL_new(context_);
+ if (handle_ == nullptr) {
+ state_ = Error;
+ onError(std::make_shared<TLSError>());
+ return;
+ }
+
// Ownership of BIOs is ransferred
readBIO_ = BIO_new(BIO_s_mem());
writeBIO_ = BIO_new(BIO_s_mem());
SSL_set_bio(handle_, readBIO_, writeBIO_);
state_ = Connecting;
doConnect();
}
void OpenSSLContext::doConnect() {
int connectResult = SSL_connect(handle_);
int error = SSL_get_error(handle_, connectResult);
switch (error) {
case SSL_ERROR_NONE: {
state_ = Connected;
//std::cout << x->name << std::endl;
//const char* comp = SSL_get_current_compression(handle_);
//std::cout << "Compression: " << SSL_COMP_get_name(comp) << std::endl;
onConnected();
break;
}
case SSL_ERROR_WANT_READ:
sendPendingDataToNetwork();
break;
default:
state_ = Error;
onError(std::make_shared<TLSError>());
}
}
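Review bot: The new `handle_ == nullptr` branch in `connect()` reports a default-constructed `TLSError` and returns without reading or clearing the OpenSSL error queue, so the reason `SSL_new` failed is lost and the entry stays queued for this thread. OpenSSL documents that `SSL_get_error` is only reliable when the thread's error queue was empty before the I/O call, so a stale entry could plausibly skew the `switch` in `doConnect()` for a later connection on the same thread. Consider draining it in the branch, e.g. `ERR_clear_error();` before `state_ = Error;`, after recording `ERR_get_error()` if the project has a logging facility. The two `BIO_new(BIO_s_mem())` results just below are still passed to `SSL_set_bio` unchecked, which is the same class of allocation failure this commit handles for `SSL_new`.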