Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix OpenSSL ALPN array corruption #2235

merged 2 commits into from Nov 25, 2018

Fix OpenSSL ALPN array corruption #2235

merged 2 commits into from Nov 25, 2018


Copy link

@GallaFrancesco GallaFrancesco commented Nov 22, 2018

The current alpn() method used to retrieve the negotiated ALPN protocol does not retun a well-formed string but causes a memory corruption, since the SSL_get0_alpn_selected function expects a NULL pointer. From man SSL_get0_alpn_selected:

SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data, unsigned int *len);
SSL_get0_alpn_selected() returns a pointer to the selected protocol in data with length len.  It is
not NUL-terminated.  data is set to NULL and len is set to 0 if no protocol has been selected.
data must not be freed.

This bug can be reproduced by initalizing an OpenSSLStream and call its alpn() method after a TLS handshake has been completed and alpnCallback has been invoked.

The proposed solution is to use a const(ubyte)* pointer which is initialized to null and returned through a cast(string).

@s-ludwig s-ludwig merged commit 12bd88d into vibe-d:master Nov 25, 2018
1 of 2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

2 participants