[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug-wget] [PATCH 1/2] Fix double free bug caused by opt.private_key and
From: |
Rohit Mathulla |
Subject: |
[Bug-wget] [PATCH 1/2] Fix double free bug caused by opt.private_key and opt.cert_file pointing to the same location |
Date: |
Fri, 24 Apr 2015 15:48:29 +1000 |
* src/openssl.c, src/gnutls.c (ssl_init): Copy options using xstrdup
---
Wget crashes with a double free bug when compiled with -DDEBUG_MALLOC and only
one option of --certificate or --private-key is given. To reproduce it, run
./src/wget --certificate=sample.pem https://www.example.org
This occurs with both gnutls and openssl.
Thanks,
Rohit
src/gnutls.c | 4 ++--
src/openssl.c | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/gnutls.c b/src/gnutls.c
index 5a89e06..be04342 100644
--- a/src/gnutls.c
+++ b/src/gnutls.c
@@ -184,13 +184,13 @@ ssl_init (void)
/* Use the private key from the cert file unless otherwise specified. */
if (opt.cert_file && !opt.private_key)
{
- opt.private_key = opt.cert_file;
+ opt.private_key = xstrdup (opt.cert_file);
opt.private_key_type = opt.cert_type;
}
/* Use the cert from the private key file unless otherwise specified. */
if (!opt.cert_file && opt.private_key)
{
- opt.cert_file = opt.private_key;
+ opt.cert_file = xstrdup (opt.private_key);
opt.cert_type = opt.private_key_type;
}
diff --git a/src/openssl.c b/src/openssl.c
index b8a9614..b6cdb8d 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -292,7 +292,7 @@ ssl_init (void)
/* Use the private key from the cert file unless otherwise specified. */
if (opt.cert_file && !opt.private_key)
{
- opt.private_key = opt.cert_file;
+ opt.private_key = xstrdup (opt.cert_file);
opt.private_key_type = opt.cert_type;
}
--
2.3.0
- [Bug-wget] [PATCH 1/2] Fix double free bug caused by opt.private_key and opt.cert_file pointing to the same location,
Rohit Mathulla <=