Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix crash after dohandshake() fails #73

Merged
merged 2 commits into from
Aug 3, 2016
Merged

Fix crash after dohandshake() fails #73

merged 2 commits into from
Aug 3, 2016

Conversation

ghost
Copy link

@ghost ghost commented May 3, 2016

The number of bytes received by ssl_recv() is being passed to luaL_addlstring() (in recvall()) but it was being left either uninitialized or being set to an error code. The crashing case I found was when the state was not LSEC_STATE_CONNECTED and ssl_recv() returned immediately without setting "got".

Perry Clarke added 2 commits May 3, 2016 16:37
Fix crash related to incorrect buffer size
5a98bb6 
The number of bytes received by ssl_recv() is being passed to luaL_addlstring() (in recvall()) but it was being left either uninitialized or being set to an error code.  The crashing case I found was when the state was not LSEC_STATE_CONNECTED (e.g. when dohandshake() has failed) and ssl_recv() returned immediately without setting "got".
Merge pull request #1 from perry-clarke/perry-clarke-patch-1
0f4eaf0 
Fix crash related to incorrect buffer size
@Zash
Copy link
Contributor

Zash commented May 26, 2016
edited
Loading

This appears to fix a pretty bad issue I've been trying to debug, but on the other hand:

print(require("ssl.https").request("https://www.example.com/"))

returns

nil closed  nil nil

Zash
Zash reviewed May 26, 2016
View reviewed changes
src/ssl.c
for ( ; ; ) {
ERR_clear_error();
err = SSL_read(ssl->ssl, data, (int)count);
ssl->error = SSL_get_error(ssl->ssl, err);
switch (ssl->error) {
case SSL_ERROR_NONE:
*got = err;
*got = 0;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this really correct? No error → no data?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is wrong following the documentation.
It must be: *got = err;

@Zash Zash mentioned this pull request Jul 15, 2016
Closed
brunoos
brunoos reviewed Aug 3, 2016
View reviewed changes
src/ssl.c
return IO_DONE;
case SSL_ERROR_ZERO_RETURN:
*got = err;
*got = 0;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This line can be removed.
We have SSL_ERROR_ZERO_RETURN only if "err == 0". Since "*got = 0;" at the beginning, the line is useless.

@brunoos brunoos merged commit 9efa963 into lunarmodules:master Aug 3, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Zash @brunoos @kek-dev