bug-wget
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug-wget] [PATCH 1/2] Fix double free bug caused by opt.private_key and


From: Rohit Mathulla
Subject: [Bug-wget] [PATCH 1/2] Fix double free bug caused by opt.private_key and opt.cert_file pointing to the same location
Date: Fri, 24 Apr 2015 15:48:29 +1000

* src/openssl.c, src/gnutls.c (ssl_init): Copy options using xstrdup
---

Wget crashes with a double free bug when compiled with -DDEBUG_MALLOC and only
one option of --certificate or --private-key is given. To reproduce it, run

./src/wget --certificate=sample.pem https://www.example.org

This occurs with both gnutls and openssl.

Thanks,
Rohit

 src/gnutls.c  | 4 ++--
 src/openssl.c | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/gnutls.c b/src/gnutls.c
index 5a89e06..be04342 100644
--- a/src/gnutls.c
+++ b/src/gnutls.c
@@ -184,13 +184,13 @@ ssl_init (void)
   /* Use the private key from the cert file unless otherwise specified. */
   if (opt.cert_file && !opt.private_key)
     {
-      opt.private_key = opt.cert_file;
+      opt.private_key = xstrdup (opt.cert_file);
       opt.private_key_type = opt.cert_type;
     }
   /* Use the cert from the private key file unless otherwise specified. */
   if (!opt.cert_file && opt.private_key)
     {
-      opt.cert_file = opt.private_key;
+      opt.cert_file = xstrdup (opt.private_key);
       opt.cert_type = opt.private_key_type;
     }
 
diff --git a/src/openssl.c b/src/openssl.c
index b8a9614..b6cdb8d 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -292,7 +292,7 @@ ssl_init (void)
   /* Use the private key from the cert file unless otherwise specified. */
   if (opt.cert_file && !opt.private_key)
     {
-      opt.private_key = opt.cert_file;
+      opt.private_key = xstrdup (opt.cert_file);
       opt.private_key_type = opt.cert_type;
     }
 
-- 
2.3.0




reply via email to

[Prev in Thread] Current Thread [Next in Thread]