Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

check the return value of SSL_get_ex_data() #8268

wants to merge 3 commits into from


Copy link

@x2018 x2018 commented Jan 12, 2022

check the return value of SSL_get_ex_data() to prevent potential NULL dereference.
SSL_set_ex_data() called by ossl_associate_connection() may fail, so it is better to check the return value from SSL_get_ex_data(), especially data which will be dereferenced in the following code. And though sockindex seems meaningless in Curl_ssl_getsessionid() or Curl_ssl_addsessionid()?

/* The sockindex has been stored as a pointer to an array element */
sockindex_ptr = (curl_socket_t*) SSL_get_ex_data(ssl, sockindex_idx);
if(!conn || !data || !sockindex_ptr)
return 0;

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If no error has been returned before, can this really happen?

And if this can happen, doesn't it signify a major error somewhere to call for everything to get closed down?

Copy link
Contributor Author

x2018 commented Jan 14, 2022

Yes, it looks like this can happen as

static void ossl_associate_connection(struct Curl_easy *data,
is void type and inside it does not check the return value of SSL_set_ex_data, while SSL_set_ex_data may fail because of some internal errors.
To catch the error in time, I will change the signature of ossl_associate_connection and add several checks these days.

…ck to catch the internal errors of SSL_set_ex_data or SSL_get_ex_new_index in time
Copy link
Contributor Author

x2018 commented Jan 19, 2022

I updated the signature of ossl_associate_connection and added several checks. And I retain the usage of Curl_ssl->associate_connection() in vtls.c as before. I am not sure whether these changes make sense. Thank you for taking the time to review this PR.

@bagder bagder closed this in a97eb81 Jan 23, 2022
Copy link

bagder commented Jan 23, 2022


Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet

Successfully merging this pull request may close these issues.

None yet

2 participants