From: Matt Caswell
Date: Tue, 3 Feb 2015 16:11:49 +0000 (+0000)
Subject: Fix seg fault in dtls1_new
X-Git-Tag: OpenSSL_1_1_0-pre1~1400
X-Git-Url: https://git.openssl.org/?p=openssl.git;a=commitdiff_plain;h=5fb6f80cdfa418d9429f39f348d7bab8b5f9578a

Fix seg fault in dtls1_new

Reviewed-by: Richard Levitte
---

diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index 6ffbf5fc83..f959942113 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -124,6 +124,10 @@ int dtls1_new(SSL *s)
 {
 DTLS1_STATE *d1;
+ if(!DTLS_RECORD_LAYER_new(&s->rlayer)) {
+ return 0;
+ }
+
 if (!ssl3_new(s))
 return (0);
 if ((d1 = OPENSSL_malloc(sizeof *d1)) == NULL) {
@@ -131,12 +135,6 @@ int dtls1_new(SSL *s)
 return (0);
 }
 memset(d1, 0, sizeof *d1);
-
- if(!DTLS_RECORD_LAYER_new(&s->rlayer)) {
- OPENSSL_free(d1);
- ssl3_free(s);
- return 0;
- }
 d1->buffered_messages = pqueue_new();
 d1->sent_messages = pqueue_new();
diff --git a/ssl/record/d1_pkt.c b/ssl/record/d1_pkt.c
index 5d0adb9c4e..e5a27883a7 100644
--- a/ssl/record/d1_pkt.c
+++ b/ssl/record/d1_pkt.c
@@ -133,8 +133,7 @@ int DTLS_RECORD_LAYER_new(RECORD_LAYER *rl)
 rl->d = d;
- DTLS_RECORD_LAYER_clear(rl);
-
+
 d->unprocessed_rcds.q = pqueue_new();
 d->processed_rcds.q = pqueue_new();
diff --git a/ssl/record/s3_pkt.c b/ssl/record/s3_pkt.c
index 065ad94b08..30df2b741a 100644
--- a/ssl/record/s3_pkt.c
+++ b/ssl/record/s3_pkt.c
@@ -145,8 +145,10 @@ void RECORD_LAYER_clear(RECORD_LAYER *rl)
 size_t rlen, wlen;
 int read_ahead;
 SSL *s;
+ DTLS_RECORD_LAYER *d;
 s = rl->s;
+ d = rl->d;
 read_ahead = rl->read_ahead;
 rp = SSL3_BUFFER_get_buf(&rl->rbuf);
 rlen = SSL3_BUFFER_get_len(&rl->rbuf);
@@ -165,6 +167,10 @@ void RECORD_LAYER_clear(RECORD_LAYER *rl)
 rl->read_ahead = read_ahead;
 rl->rstate = SSL_ST_READ_HEADER;
 rl->s = s;
+ rl->d = d;
+
+ if(d)
+ DTLS_RECORD_LAYER_clear(rl);
 }
 void RECORD_LAYER_release(RECORD_LAYER *rl)
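Review bot: The record layer allocated by the new `DTLS_RECORD_LAYER_new(&s->rlayer)` call at the top of dtls1_new is not released on the later failure returns visible in this hunk, namely `if (!ssl3_new(s)) return (0);` and the `OPENSSL_malloc` failure branch. The block removed further down unwound the earlier allocations when a later step failed, so the same discipline applies in the other direction now, unless the caller's error path is known to free `s->rlayer`. Consider releasing it with the record layer's matching free routine before each early return, and add a short comment saying why the record layer has to exist before `ssl3_new` runs. The body of dtls1_new continues past the end of the hunk.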
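Review bot: With the `DTLS_RECORD_LAYER_clear(rl)` call dropped from DTLS_RECORD_LAYER_new, nothing visible in this hunk initialises the fields of `*d` other than the two queue pointers assigned below it. The allocation of `d` is above the hunk; if it is a plain allocation without zeroing, the remaining fields stay indeterminate until some later clear runs, and any read before that is undefined behaviour. Adding `memset(d, 0, sizeof *d);` next to `rl->d = d;` would make the constructor self-contained. The added `+` line appears to contain only whitespace and could be left out.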
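Review bot: The new tail `if(d) DTLS_RECORD_LAYER_clear(rl);` makes RECORD_LAYER_clear depend on `rl->d` being either NULL or a live pointer on every call, including calls on a non-DTLS connection and calls made after the DTLS state has been freed. Neither s3_pkt.c hunk shows where `rl->d` is reset, so it is worth confirming that the free path sets `rl->d = NULL` and that the structure is zeroed before its first clear; otherwise this branch follows a stale or indeterminate pointer. A comment on the `d = rl->d;` save in the previous hunk, such as `/* preserve the DTLS sub-state pointer while rl is reset */`, would explain why it is restored, and the test reads better braced as `if (d != NULL) { DTLS_RECORD_LAYER_clear(rl); }`. The middle of the function lies between the two hunks and is not visible here.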