SSL: fixed unlocked access to sess_id->len.

author: Ruslan Ermilov <ru@nginx.com> 2018-09-25 14:07:59 +0300
committer: Ruslan Ermilov <ru@nginx.com> 2018-09-25 14:07:59 +0300
commit: a50dec6d6ac480b70b4fdf51507a1eda8a015e1b (patch)
tree: 1de689e3fc4261f44d0e0b33c7ae10948bd5bdff /src
parent: 99e06c69c535b545399baab352b4acfcd653647b (diff)
download: nginx-a50dec6d6ac480b70b4fdf51507a1eda8a015e1b.tar.gz
nginx-a50dec6d6ac480b70b4fdf51507a1eda8a015e1b.zip
1 files changed, 5 insertions, 2 deletions
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
index 3a0e150d2..751291348 100644
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -3146,6 +3146,7 @@ ngx_ssl_get_cached_session(ngx_ssl_conn_t *ssl_conn,
     const
 #endif
     u_char                   *p;
+    size_t                    slen;
     uint32_t                  hash;
     ngx_int_t                 rc;
     ngx_shm_zone_t           *shm_zone;
@@ -3201,12 +3202,14 @@ ngx_ssl_get_cached_session(ngx_ssl_conn_t *ssl_conn,
         if (rc == 0) {
 
             if (sess_id->expire > ngx_time()) {
-                ngx_memcpy(buf, sess_id->session, sess_id->len);
+                slen = sess_id->len;
+
+                ngx_memcpy(buf, sess_id->session, slen);
 
                 ngx_shmtx_unlock(&shpool->mutex);
 
                 p = buf;
-                sess = d2i_SSL_SESSION(NULL, &p, sess_id->len);
+                sess = d2i_SSL_SESSION(NULL, &p, slen);
 
                 return sess;
             }
author	Ruslan Ermilov <ru@nginx.com>	2018-09-25 14:07:59 +0300
committer	Ruslan Ermilov <ru@nginx.com>	2018-09-25 14:07:59 +0300
commit	a50dec6d6ac480b70b4fdf51507a1eda8a015e1b (patch)
tree	1de689e3fc4261f44d0e0b33c7ae10948bd5bdff /src
parent	99e06c69c535b545399baab352b4acfcd653647b (diff)
download	nginx-a50dec6d6ac480b70b4fdf51507a1eda8a015e1b.tar.gz nginx-a50dec6d6ac480b70b4fdf51507a1eda8a015e1b.zip