diff options
author | Tomas Heinrich <theinric@redhat.com> | 2011-10-27 09:37:27 +0200 |
---|---|---|
committer | Rainer Gerhards <rgerhards@adiscon.com> | 2011-10-27 09:37:27 +0200 |
commit | 9b305b5de54e4dd84a689e7642043253a1bbc94b (patch) | |
tree | 06762f60ce9ef75708d3e0027d44235990ee0fbf | |
parent | eb87d6f095cc5e72126d8b7716d217a7d6a5e939 (diff) | |
download | rsyslog-9b305b5de54e4dd84a689e7642043253a1bbc94b.tar.gz rsyslog-9b305b5de54e4dd84a689e7642043253a1bbc94b.tar.xz rsyslog-9b305b5de54e4dd84a689e7642043253a1bbc94b.zip |
bugfix: potential abort after reading invalid X.509 certificate
closes: http://bugzilla.adiscon.com/show_bug.cgi?id=290
Signed-off-by: Rainer Gerhards <rgerhards@adiscon.com>
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | runtime/nsd_gtls.c | 8 |
2 files changed, 10 insertions, 3 deletions
@@ -1,10 +1,13 @@ --------------------------------------------------------------------------- -Version 4.8.1 [v4-beta], 2011-09-?? +Version 4.8.1 [v4-stable], 2011-09-?? - bugfix: $ActionExecOnlyOnce interval did not work properly Thanks to Tomas Heinrich for the patch - bugfix: potential abort if ultra-large file io buffers are used and dynafile cache exhausts address space (primarily a problem on 32 bit platforms) +- bugfix: potential abort after reading invalid X.509 certificate + closes: http://bugzilla.adiscon.com/show_bug.cgi?id=290 + Thanks to Tomas Heinrich for the patch --------------------------------------------------------------------------- Version 4.8.0 [v4-stable] (rgerhards), 2011-09-07 *************************************************************************** diff --git a/runtime/nsd_gtls.c b/runtime/nsd_gtls.c index e1dcf870..ee78488a 100644 --- a/runtime/nsd_gtls.c +++ b/runtime/nsd_gtls.c @@ -201,10 +201,14 @@ finalize_it: if(iRet != RS_RET_OK) { if(data.data != NULL) free(data.data); - if(pThis->bOurCertIsInit) + if(pThis->bOurCertIsInit) { gnutls_x509_crt_deinit(pThis->ourCert); - if(pThis->bOurKeyIsInit) + pThis->bOurCertIsInit = 0; + } + if(pThis->bOurKeyIsInit) { gnutls_x509_privkey_deinit(pThis->ourKey); + pThis->bOurKeyIsInit = 0; + } } RETiRet; } |