projects / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5fe6e23)
Fix wrong lock claimed in x509 dir lookup.
authorKrists Krilovs <krists.krilovs@gmail.com>
Mon, 8 Jul 2019 20:43:09 +0000 (13:43 -0700)
committerShane Lontis <shane.lontis@oracle.com>
Mon, 15 Jul 2019 01:21:25 +0000 (11:21 +1000)
x509 store's objects cache can get corrupted when using dir lookup
method in multithreaded application. Claim x509 store's lock when
accessing objects cache.

CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9326)

crypto/x509/by_dir.c patch | blob | history

diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
index 36c6b089e380c07e981e6b54182c698e057dc744..e53b9b44a6b41cca0a3c8f94b4f9dd2fe9792a3a 100644 (file)
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -327,10 +327,10 @@ static int get_cert_by_subject(X509_LOOKUP *xl, X509_LOOKUP_TYPE type,
         /*
          * we have added it to the cache so now pull it out again
          */
-        CRYPTO_THREAD_write_lock(ctx->lock);
+        X509_STORE_lock(xl->store_ctx);
         j = sk_X509_OBJECT_find(xl->store_ctx->objs, &stmp);
         tmp = sk_X509_OBJECT_value(xl->store_ctx->objs, j);
-        CRYPTO_THREAD_unlock(ctx->lock);
+        X509_STORE_unlock(xl->store_ctx);
 
         /* If a CRL, update the last file suffix added for this */
 
Unnamed repository; edit this file 'description' to name the repository.