File: TLS-0-init-plugin_ssl_ctx-fixes-3281.patch

package info (click to toggle)
lighttpd 1.4.79-2
  • links: PTS, VCS
  • area: main
  • in suites: trixie
  • size: 7,492 kB
  • sloc: ansic: 99,486; perl: 2,607; sh: 783; yacc: 726; makefile: 705
file content (74 lines) | stat: -rw-r--r-- 3,254 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
 
From 3d550097d2ededc34ac67dc8f63c156afdcdd768 Mon Sep 17 00:00:00 2001
From: Glenn Strauss <gstrauss@gluelogic.com>
Date: Thu, 17 Apr 2025 21:39:39 -0400
Subject: [PATCH] [TLS] 0-init plugin_ssl_ctx (fixes #3281)
Origin: upstream, https://git.lighttpd.net/lighttpd/lighttpd1.4/commit/3d550097d2ededc34ac67dc8f63c156afdcdd768
Forwarded: not-needed

(thx mwhitlock)

x-ref:
  https://redmine.lighttpd.net/issues/3281
  `lighttpd -tt` segfaults in mod_gnutls.c
---
 src/mod_gnutls.c  | 2 +-
 src/mod_mbedtls.c | 2 +-
 src/mod_nss.c     | 2 +-
 src/mod_wolfssl.c | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/mod_gnutls.c b/src/mod_gnutls.c
index e789d851..1dfc2b3d 100644
--- a/src/mod_gnutls.c
+++ b/src/mod_gnutls.c
@@ -2389,7 +2389,7 @@ mod_gnutls_set_defaults_sockets(server *srv, plugin_data *p)
         /*conf.ssl_ctx = NULL;*//*(filled by network_init_ssl() even on error)*/
         if (0 == network_init_ssl(srv, &conf, p)) {
             plugin_ssl_ctx * const s = p->ssl_ctxs[sidx] =
-              ck_malloc(sizeof(plugin_ssl_ctx));
+              ck_calloc(1, sizeof(plugin_ssl_ctx));
             s->ssl_session_ticket = conf.ssl_session_ticket;
             s->priority_cache     = conf.priority_cache;
           #if GNUTLS_VERSION_NUMBER < 0x030600
diff --git a/src/mod_mbedtls.c b/src/mod_mbedtls.c
index 357b4f3b..2d5f77b8 100644
--- a/src/mod_mbedtls.c
+++ b/src/mod_mbedtls.c
@@ -1983,7 +1983,7 @@ mod_mbedtls_set_defaults_sockets(server *srv, plugin_data *p)
         /*conf.ssl_ctx = NULL;*//*(filled by network_init_ssl() even on error)*/
         if (0 == network_init_ssl(srv, &conf, p)) {
             plugin_ssl_ctx * const s = p->ssl_ctxs[sidx] =
-              ck_malloc(sizeof(plugin_ssl_ctx));
+              ck_calloc(1, sizeof(plugin_ssl_ctx));
             s->ssl_ctx            = conf.ssl_ctx;
             s->ciphersuites       = conf.ciphersuites;
             s->curves             = conf.curves;
diff --git a/src/mod_nss.c b/src/mod_nss.c
index 8501d263..cd45b315 100644
--- a/src/mod_nss.c
+++ b/src/mod_nss.c
@@ -2045,7 +2045,7 @@ mod_nss_set_defaults_sockets(server *srv, plugin_data *p)
         /*conf.ssl_ctx = NULL;*//*(filled by network_init_ssl() even on error)*/
         if (0 == network_init_ssl(srv, &conf, p)) {
             plugin_ssl_ctx * const s = p->ssl_ctxs[sidx] =
-              ck_malloc(sizeof(plugin_ssl_ctx));
+              ck_calloc(1, sizeof(plugin_ssl_ctx));
             s->model              = conf.model;
             s->pc                 = conf.pc;
             s->kp                 = mod_nss_kp_acq(s->pc);
diff --git a/src/mod_wolfssl.c b/src/mod_wolfssl.c
index a9d3f1f6..7cbcc563 100644
--- a/src/mod_wolfssl.c
+++ b/src/mod_wolfssl.c
@@ -2753,7 +2753,7 @@ mod_openssl_set_defaults_sockets(server *srv, plugin_data *p)
         /*conf.ssl_ctx = NULL;*//*(filled by network_init_ssl() even on error)*/
         if (0 == network_init_ssl(srv, &conf, p)) {
             plugin_ssl_ctx * const s = p->ssl_ctxs[sidx] =
-              ck_malloc(sizeof(plugin_ssl_ctx));
+              ck_calloc(1, sizeof(plugin_ssl_ctx));
             s->ssl_ctx = conf.ssl_ctx;
             s->pc = conf.pc;
             s->kp = mod_wolfssl_kp_acq(s->pc);
-- 
2.49.0