[Date Prev][Date Next]
(ITS#7783) tlsm_ctx_free crashes if ctx->tc_pin_file is null
Full_Name: Chris Martin
Version: 2.4.23-32.el6_4.1 but also present in git repository version
OS: Oracle Linux 6
Submission from: (NULL) (18.104.22.168)
If tlsm_ctx_free is entered with ctx->tc_pin_file null it will crash when it
calls PL_strfree with that null pointer.
2039 static void
2040 tlsm_ctx_free ( tls_ctx *ctx )
2069 PL_strfree( c->tc_pin_file )
I propose that an "if ( c->tc_pin_file )" be added before this line to protect
The specific use case when we hit this involves automount calling openldap
ldap_start_tls_s which fails with LDAP_CONNECT_ERROR. automount then calls
openldap ldap_unbind_ext which calls ldap_ld_free which calls
ldap_int_tls_destroy which triggers this crash above.