diff options
| author | msvensson@shellback.(none) <> | 2007-01-26 11:30:54 +0100 |
|---|---|---|
| committer | msvensson@shellback.(none) <> | 2007-01-26 11:30:54 +0100 |
| commit | 1a3cf64fc9018ce3a60523234621afe36a3bbf41 (patch) | |
| tree | 7eab9ac618ca44b112fcbcc3ff5fb92e0101be7b /vio | |
| parent | 645de0c5d7525b0481197e4f0a6f67f0f2c2785f (diff) | |
| download | mariadb-git-1a3cf64fc9018ce3a60523234621afe36a3bbf41.tar.gz | |
Bug#25203 Mysql crashes when mysql_kill() is executed in a connection using SSL
- It's too early to free the SSL object in 'vio_ssl_close'. There
might still be a thread using or reading from it on platforms
where we need to close the active connection/socket in order
to break the read.
- Add new function 'vio_ssl_delete' and install it as the viodelete
function for SSL connections.
Diffstat (limited to 'vio')
| -rw-r--r-- | vio/vio.c | 19 | ||||
| -rw-r--r-- | vio/vio_priv.h | 1 | ||||
| -rw-r--r-- | vio/viossl.c | 20 |
3 files changed, 28 insertions, 12 deletions
diff --git a/vio/vio.c b/vio/vio.c index 00b8964e30b..84b3e26fa52 100644 --- a/vio/vio.c +++ b/vio/vio.c @@ -86,7 +86,7 @@ static void vio_init(Vio* vio, enum enum_vio_type type, #ifdef HAVE_OPENSSL if (type == VIO_TYPE_SSL) { - vio->viodelete =vio_delete; + vio->viodelete =vio_ssl_delete; vio->vioerrno =vio_errno; vio->read =vio_ssl_read; vio->write =vio_ssl_write; @@ -220,17 +220,16 @@ Vio *vio_new_win32shared_memory(NET *net,HANDLE handle_file_map, HANDLE handle_m #endif #endif + void vio_delete(Vio* vio) { - /* It must be safe to delete null pointers. */ - /* This matches the semantics of C++'s delete operator. */ - if (vio) - { - if (vio->type != VIO_CLOSED) - vio->vioclose(vio); - my_free((gptr) vio->read_buffer, MYF(MY_ALLOW_ZERO_PTR)); - my_free((gptr) vio,MYF(0)); - } + if (!vio) + return; /* It must be safe to delete null pointers. */ + + if (vio->type != VIO_CLOSED) + vio->vioclose(vio); + my_free((gptr) vio->read_buffer, MYF(MY_ALLOW_ZERO_PTR)); + my_free((gptr) vio,MYF(0)); } diff --git a/vio/vio_priv.h b/vio/vio_priv.h index 6820e49273a..4a272e519a3 100644 --- a/vio/vio_priv.h +++ b/vio/vio_priv.h @@ -32,6 +32,7 @@ int vio_ssl_write(Vio *vio,const gptr buf,int size); /* When the workday is over... */ int vio_ssl_close(Vio *vio); +void vio_ssl_delete(Vio *vio); int vio_ssl_blocking(Vio *vio, my_bool set_blocking_mode, my_bool *old_mode); diff --git a/vio/viossl.c b/vio/viossl.c index 4267486112f..5e4203a3fb5 100644 --- a/vio/viossl.c +++ b/vio/viossl.c @@ -140,13 +140,29 @@ int vio_ssl_close(Vio *vio) SSL_get_error(ssl, r))); break; } - SSL_free(ssl); - vio->ssl_arg= 0; } DBUG_RETURN(vio_close(vio)); } +void vio_ssl_delete(Vio *vio) +{ + if (!vio) + return; /* It must be safe to delete null pointer */ + + if (vio->type == VIO_TYPE_SSL) + vio_ssl_close(vio); /* Still open, close connection first */ + + if (vio->ssl_arg) + { + SSL_free((SSL*) vio->ssl_arg); + vio->ssl_arg= 0; + } + + vio_delete(vio); +} + + int sslaccept(struct st_VioSSLFd *ptr, Vio *vio, long timeout) { SSL *ssl; |