-
-
Notifications
You must be signed in to change notification settings - Fork 33.2k
Description
Looks like code in this check cannot ever be reached:
Lines 2824 to 2827 in 2b94a05
newsession = d2i_SSL_SESSION(NULL, &const_p, slen); | |
if (session == NULL) { | |
goto error; | |
} |
At this point session
cannot be NULL
, because it is checked right above:
Lines 2803 to 2806 in 2b94a05
if (session == NULL) { | |
PyErr_SetString(PyExc_ValueError, "Invalid session"); | |
goto error; | |
} |
I guess that it was intended to check newsession
variable instead.
Docs say: https://www.openssl.org/docs/man1.0.2/man3/d2i_SSL_SESSION.html
d2i_SSL_SESSION() returns a pointer to the newly allocated SSL_SESSION object. In case of failure the NULL-pointer is returned and the error message can be retrieved from the error stack.
One more thing that bothers me here is that error is not set. We just return NULL
which can theoretically crash the interpeter.
So, my plan is to:
- Check
newsession
instead - Add a
ValueError
there
Originally introduced in 99a6570
PR is on its way.
Found by Linux Verification Center (portal.linuxtesting.ru) with SVACE.
Author A. Voronin.