Opened 7 years ago

Closed 7 years ago

#6303 closed Bugs (fixed)

possible crash in ssl stream initialization

Reported by: anonymous Owned by: chris_kohlhoff
Milestone: To Be Determined Component: asio
Version: Boost 1.48.0 Severity: Problem
Keywords: Cc:


boost::asio::ssl::detail::openssl_stream_service::create may pass a null pointer to SSL_set_mode when SSL_new indicates failure by returning a null pointer. This leads to segmentation faults on the platforms I tested.

Similar issues may hold for boost::asio::ssl::detail::openssl_context_service::create, but I could not yet reproduce this.

Change History (2)

comment:1 Changed 7 years ago by chris_kohlhoff

(In [79519]) Throw exception if SSL engine initialisation fails. Refs #6303

comment:2 Changed 7 years ago by chris_kohlhoff

Resolution: fixed
Status: newclosed

(In [79549]) Merge from trunk:

  • Make strand destruction a no-op, to allow strand objects to be destroyed after their associated io_service has been destroyed.
  • Use the thread keyword extension when compiling with gcc on linux x86.
  • Avoid calling work_finished() if a completion handler creates more work.
  • Eliminate redundant call to call_stack::contains(this) when dispatching a completion handler.
  • Add support for some newer versions of glibc which provide the epoll_create1 function but always fail with ENOSYS. Fixes #7012
  • Use SSE2 load and store fences.
  • Throw exception if SSL engine initialisation fails. Fixes #6303
  • Fix another regression in buffered_write_stream. Fixes #6310
Note: See TracTickets for help on using tickets.