[Pidgin] #11525: double free if ssl handshake fails with jabber
Pidgin
trac at pidgin.im
Mon Mar 8 15:42:36 EST 2010
#11525: double free if ssl handshake fails with jabber
--------------------+-------------------------------------------------------
Reporter: ari | Owner: deryni
Type: defect | Status: new
Milestone: | Component: XMPP
Version: 2.6.6 | Resolution:
Keywords: |
--------------------+-------------------------------------------------------
Comment(by darkrain42):
Haha, this is a very interesting crash.
Jabber's tls_init() calls
`js->gsc = purple_ssl_connect_with_host_fd(js->gc->account, js->fd,
jabber_login_callback_ssl, jabber_ssl_connect_failure,
js->certificate_CN, js->gc);`
and that assignment ends up happening ''after'' the call to
jabber_ssl_connect_failure (which sets `js->gsc` to NULL) because the NSS
error is being triggered synchronously.
Something needs to be moved into a 0-second timeout to fix the synch
issue; either have purple_ssl_connect_...() always return a valid object
and start the connection asyncly or have the nss plugin (and quite
possibly gnutls) trigger errors in those codepaths via timeouts.
--
Ticket URL: <http://developer.pidgin.im/ticket/11525#comment:2>
Pidgin <http://pidgin.im>
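The ordering problem described in the comment above, modelled as an added example (not Pidgin's code and not part of the ticket). All types and functions are hypothetical stand-ins. It assumes that the SSL layer releases the failed connection and that stream teardown releases `js->gsc`. Releases are counted instead of calling `free()`, so the double release can be observed safely.

```c
#include <stddef.h>
#include <stdio.h>
/* Hypothetical stand-ins for the SSL connection object and JabberStream. */
typedef struct conn { int released; } conn;  /* 2 releases == double free */
typedef struct stream { conn *gsc; } stream;
typedef void (*fail_cb)(stream *js);
static void conn_release(conn *c) { c->released++; }   /* models free() */
static void on_failure(stream *js) { js->gsc = NULL; } /* as in the comment */

/* Buggy shape: the handshake error fires synchronously inside connect. */
static conn *connect_sync(conn *c, stream *js, fail_cb cb) {
    cb(js);            /* clears js->gsc before the caller has assigned it */
    conn_release(c);   /* assumed: the SSL layer releases the failed object */
    return c;          /* caller now stores a stale pointer */
}

/* Fixed shape: return a valid object, queue the error for the main loop. */
static struct { fail_cb cb; conn *c; stream *js; } pending;
static conn *connect_deferred(conn *c, stream *js, fail_cb cb) {
    pending.cb = cb; pending.c = c; pending.js = js;
    return c;
}
static void run_pending(void) {  /* stands in for the 0-second timeout */
    if (!pending.cb) return;
    pending.cb(pending.js);
    conn_release(pending.c);
    pending.cb = NULL;
}

/* Assumed teardown: release js->gsc if it is still set. */
static void stream_close(stream *js) {
    if (js->gsc) { conn_release(js->gsc); js->gsc = NULL; }
}
/* Each returns how many times the connection was released; 1 is correct. */
int releases_sync(void) {
    conn c = {0}; stream js = {NULL};
    js.gsc = connect_sync(&c, &js, on_failure);  /* assignment runs last */
    stream_close(&js);
    return c.released;
}
int releases_deferred(void) {
    conn c = {0}; stream js = {NULL};
    js.gsc = connect_deferred(&c, &js, on_failure);
    run_pending();     /* failure handler now sees the assigned js->gsc */
    stream_close(&js);
    return c.released;
}
int main(void) { printf("sync=%d deferred=%d\n", releases_sync(), releases_deferred()); return 0; }
```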