Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix file descriptor leak. #33

Merged
merged 1 commit into from Feb 22, 2019

Conversation

mdw-at-linuxbox
Copy link

If the openssl initial negotiation fails, then the rest of
what sslize does doesn't happen. One of the last things
sslize does is to close the socket at the end of the session.
That needs to happen even if there's no session.

Signed-off-by: Marcus Watts mwatts@redhat.com

If the openssl initial negotiation fails, then the rest of
what sslize does doesn't happen.  One of the last things
sslize does is to close the socket at the end of the session.
That needs to happen even if there's no session.

Signed-off-by: Marcus Watts <mwatts@redhat.com>
@ktdreyer
Copy link
Member

Where did this go into Civetweb upstream?

@cbodley cbodley assigned theanalyst and unassigned Abhishekvrshny Jan 29, 2019
@stuartgrace-bbc
Copy link

Where did this go into Civetweb upstream?

Here is the matching bug fix in civetweb: civetweb@03c05aa

Copy link

@mattbenjamin mattbenjamin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good

@sidhax
Copy link

sidhax commented Feb 11, 2019

CVE-2019-3821 has been assigned to this bug

@cbodley
Copy link

cbodley commented Feb 19, 2019

the upstream fix looks identical. are we going to merge this one for now, and drop it next time we pull up the civetweb submodule? or should we just cherry-pick that now? what do you think @theanalyst, since you generally maintain the submodule?

@theanalyst theanalyst merged commit bb99e93 into ceph:ceph-master Feb 22, 2019
@theanalyst theanalyst mentioned this pull request Feb 22, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
8 participants