mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-08 13:40:51 +02:00
Fix ssl double-free and accepted-socket leak in Azure Sphere server
Set ssl = NULL after the per-connection free so the final util_Cleanup no longer double-frees it; close(connd) on post-accept error paths.
This commit is contained in:
@@ -56,8 +56,8 @@ int azsphere_server_app(void)
|
||||
#endif
|
||||
{
|
||||
bool isNetworkingReady = false;
|
||||
int sockfd;
|
||||
int connd;
|
||||
int sockfd = -1;
|
||||
int connd = -1;
|
||||
struct sockaddr_in servAddr;
|
||||
struct sockaddr_in clientAddr;
|
||||
socklen_t size = sizeof(clientAddr);
|
||||
@@ -153,6 +153,7 @@ int azsphere_server_app(void)
|
||||
/* Create a WOLFSSL object */
|
||||
if ((ssl = wolfSSL_new(ctx)) == NULL) {
|
||||
fprintf(stderr, "ERROR: failed to create WOLFSSL object\n");
|
||||
close(connd);
|
||||
util_Cleanup(sockfd, ctx, ssl);
|
||||
return -1;
|
||||
}
|
||||
@@ -165,6 +166,7 @@ int azsphere_server_app(void)
|
||||
if (ret != SSL_SUCCESS) {
|
||||
fprintf(stderr, "wolfSSL_accept error = %d\n",
|
||||
wolfSSL_get_error(ssl, ret));
|
||||
close(connd);
|
||||
util_Cleanup(sockfd, ctx, ssl);
|
||||
return -1;
|
||||
}
|
||||
@@ -175,6 +177,7 @@ int azsphere_server_app(void)
|
||||
memset(buff, 0, sizeof(buff));
|
||||
if (wolfSSL_read(ssl, buff, sizeof(buff)-1) == -1) {
|
||||
fprintf(stderr, "ERROR: failed to read\n");
|
||||
close(connd);
|
||||
util_Cleanup(sockfd, ctx, ssl);
|
||||
return -1;
|
||||
}
|
||||
@@ -196,13 +199,16 @@ int azsphere_server_app(void)
|
||||
/* Reply back to the client */
|
||||
if (wolfSSL_write(ssl, buff, (int)len) != len) {
|
||||
fprintf(stderr, "ERROR: failed to write\n");
|
||||
close(connd);
|
||||
util_Cleanup(sockfd, ctx, ssl);
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* Cleanup after this connection */
|
||||
wolfSSL_free(ssl); /* Free the wolfSSL object */
|
||||
ssl = NULL;
|
||||
close(connd); /* Close the connection to the client */
|
||||
connd = -1;
|
||||
}
|
||||
|
||||
printf("Shutdown complete\n");
|
||||
|
||||
@@ -51,8 +51,8 @@
|
||||
int main(void)
|
||||
{
|
||||
bool isNetworkingReady = false;
|
||||
int sockfd;
|
||||
int connd;
|
||||
int sockfd = -1;
|
||||
int connd = -1;
|
||||
struct sockaddr_in servAddr;
|
||||
struct sockaddr_in clientAddr;
|
||||
socklen_t size = sizeof(clientAddr);
|
||||
@@ -148,6 +148,7 @@ int main(void)
|
||||
/* Create a WOLFSSL object */
|
||||
if ((ssl = wolfSSL_new(ctx)) == NULL) {
|
||||
fprintf(stderr, "ERROR: failed to create WOLFSSL object\n");
|
||||
close(connd);
|
||||
util_Cleanup(sockfd, ctx, ssl);
|
||||
return -1;
|
||||
}
|
||||
@@ -160,6 +161,7 @@ int main(void)
|
||||
if (ret != SSL_SUCCESS) {
|
||||
fprintf(stderr, "wolfSSL_accept error = %d\n",
|
||||
wolfSSL_get_error(ssl, ret));
|
||||
close(connd);
|
||||
util_Cleanup(sockfd, ctx, ssl);
|
||||
return -1;
|
||||
}
|
||||
@@ -170,6 +172,7 @@ int main(void)
|
||||
memset(buff, 0, sizeof(buff));
|
||||
if (wolfSSL_read(ssl, buff, sizeof(buff)-1) == -1) {
|
||||
fprintf(stderr, "ERROR: failed to read\n");
|
||||
close(connd);
|
||||
util_Cleanup(sockfd, ctx, ssl);
|
||||
return -1;
|
||||
}
|
||||
@@ -191,13 +194,16 @@ int main(void)
|
||||
/* Reply back to the client */
|
||||
if (wolfSSL_write(ssl, buff, (int)len) != len) {
|
||||
fprintf(stderr, "ERROR: failed to write\n");
|
||||
close(connd);
|
||||
util_Cleanup(sockfd, ctx, ssl);
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* Cleanup after this connection */
|
||||
wolfSSL_free(ssl); /* Free the wolfSSL object */
|
||||
ssl = NULL;
|
||||
close(connd); /* Close the connection to the client */
|
||||
connd = -1;
|
||||
}
|
||||
|
||||
printf("Shutdown complete\n");
|
||||
|
||||
Reference in New Issue
Block a user