Subject: [Boost-bugs] [Boost C++ Libraries] #10088: Null Pointer Deference in engine.ipp
From: Boost C++ Libraries (noreply_at_[hidden])
Date: 2014-06-03 06:22:15
#10088: Null Pointer Deference in engine.ipp
-------------------------------------+----------------------------
Reporter: g.gupta@… | Owner: chris_kohlhoff
Type: Bugs | Status: new
Milestone: To Be Determined | Component: asio
Version: Boost Development Trunk | Severity: Optimization
Keywords: |
-------------------------------------+----------------------------
http://svn.boost.org/svn/boost/trunk/boost/asio/ssl/detail/impl/engine.ipp
In below code, ssl_ is checked to be non NUll (which is already done in
costructor), which means it can be NULL, but passed to SSL_get_shutdown
without NULL check. If it is passed to this function as NULL, it will
crash.
As ssl_ is already checked in constructor and there is no NULL check in
other functions also, checking to not NULL in 214 is always true and hence
can be avoided.
Please apply the patch.
{{{
212 // SSL v2 doesn't provide a protocol-level shutdown, so an eof on
the
213 // underlying transport is passed through.
214 if (ssl_ && ssl_->version == SSL2_VERSION)
215 return ec;
216
217 // Otherwise, the peer should have negotiated a proper shutdown.
218 if ((::SSL_get_shutdown(ssl_) & SSL_RECEIVED_SHUTDOWN) == 0)
}}}
-- Ticket URL: <https://svn.boost.org/trac/boost/ticket/10088> Boost C++ Libraries <http://www.boost.org/> Boost provides free peer-reviewed portable C++ source libraries.
This archive was generated by hypermail 2.1.7 : 2017-02-16 18:50:16 UTC