[OpenSIPS-Devel] [OpenSIPS/opensips] db899f: stir_shaken: Fix heap corruption due to X509_STORE...
Liviu Chircu
noreply at github.com
Wed Apr 14 20:00:09 EST 2021
Branch: refs/heads/master
Home: https://github.com/OpenSIPS/opensips
Commit: db899f6df1110463935ce57745f82294a55f6f7a
https://github.com/OpenSIPS/opensips/commit/db899f6df1110463935ce57745f82294a55f6f7a
Author: Liviu Chircu <liviu at opensips.org>
Date: 2021-04-14 (Wed, 14 Apr 2021)
Changed paths:
M modules/stir_shaken/stir_shaken.c
Log Message:
-----------
stir_shaken: Fix heap corruption due to X509_STORE_CTX misusage
As advised by the OpenSSL docs:
"The certificates and CRLs in a store are used internally and should not
be freed up until after the associated X509_STORE_CTX is freed."
... whereas the code would attempt to create a global X509_STORE_CTX
object a single time, at OpenSIPS startup, then re-use it on each
stir_shaken_verify() call. However, the certs would unfortunately get
freed after each verification, thus breaking the library requirements.
The solution is to simply create and free a X509_STORE_CTX object on
each verification.
Many thanks to Sandro Gauci (Enable Security) for the find!
Issue discovered during OpenSIPIt'01 (https://opensipit.org/)
More information about the Devel
mailing list