[Live-devel] Bug fix: Missing member initialization in TLSState

Horst Possegger Wed, 22 Jan 2020 16:07:00 -0800

Hi,

TLSState::reset() may cause a segmentation fault because not all members
of TLSState are properly initialized.
In particular, lines 26-28 of liveMedia/TLSState.cpp (version
2020.01.19) should initialize "fCon" and "fCtx", too:


#ifndef NO_OPENSSL
  , fClient(client), fHasBeenSetup(False), fCon(NULL), fCtx(NULL)
#endif

Otherwise, the SSL_free/SSL_CTX_free calls in TLSState::reset() (lines
85 and 86) would access invalid memory locations.
I've experienced this segfault today and tracked it down via valgrind.

Initialization as above fixes this bug. Please add the initialization tothe live555 code base.


Best regards,
Horst
_______________________________________________
live-devel mailing list
live-devel@lists.live555.com
http://lists.live555.com/mailman/listinfo/live-devel

[Live-devel] Bug fix: Missing member initialization in TLSState

Reply via email to