You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by sc...@apache.org on 2013/07/25 23:01:25 UTC

svn commit: r1507125 - in /tomcat/native/branches/1.1.x: native/src/sslutils.c xdocs/miscellaneous/changelog.xml

Author: schultz
Date: Thu Jul 25 21:01:25 2013
New Revision: 1507125

URL: http://svn.apache.org/r1507125
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53937

Eliminate double-call to apr_pool_destroy.


Modified:
    tomcat/native/branches/1.1.x/native/src/sslutils.c
    tomcat/native/branches/1.1.x/xdocs/miscellaneous/changelog.xml

Modified: tomcat/native/branches/1.1.x/native/src/sslutils.c
URL: http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/native/src/sslutils.c?rev=1507125&r1=1507124&r2=1507125&view=diff
==============================================================================
--- tomcat/native/branches/1.1.x/native/src/sslutils.c (original)
+++ tomcat/native/branches/1.1.x/native/src/sslutils.c Thu Jul 25 21:01:25 2013
@@ -1231,9 +1231,10 @@ static int ssl_ocsp_request(X509 *cert, 
            approach is to iterate for all the possible ocsp urls */
         resp = get_ocsp_response(cert, issuer, ocsp_urls[0]);
 
-        apr_pool_destroy(p);
-        if (resp != NULL)
+        if (resp != NULL) {
+            apr_pool_destroy(p);
             return process_ocsp_response(resp);
+        }
     }
     apr_pool_destroy(p);
     return OCSP_STATUS_UNKNOWN;

Modified: tomcat/native/branches/1.1.x/xdocs/miscellaneous/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/xdocs/miscellaneous/changelog.xml?rev=1507125&r1=1507124&r2=1507125&view=diff
==============================================================================
--- tomcat/native/branches/1.1.x/xdocs/miscellaneous/changelog.xml (original)
+++ tomcat/native/branches/1.1.x/xdocs/miscellaneous/changelog.xml Thu Jul 25 21:01:25 2013
@@ -47,6 +47,10 @@
       of APR improves performance. (rjung)
     </update>
     <fix>
+      <bug>29422</bug> Fixed double-free in ssl_ocsp_request</code>.
+      Patch provided by Aristotelis. (schultz)
+    </fix>
+    <fix>
       <bug>51655</bug> Added a decent description of what tcnative actually is.
       (schultz)
     </fix>



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org