eclipse/tinydtls
1
0
Fork 0
mirror of https://github.com/eclipse/tinydtls.git synced 2025-10-14 03:10:09 +08:00
Code Issues Packages Projects Releases Wiki Activity

dtls.c: Fix incomplete release of peer

Browse Source 
In handle_0_verified_client_hello(), an existing peer is released and
replaced by a new peer object. To ensure that references to this peer
are cleared, dtls_destroy_peer() must be called.

Moreover, when handle_verified_client_hello() fails for the new peer
structure, dtls_destroy_peer() must be called for that peer as well to
ensure removal from the sendqueue. DTLS_DESTROY_PEER is specified to
indicate that the peer should not continue the handshake.

This issue has been reported by Shisong Qin.

Change-Id: I522ba03f93914d0c08aac5b810309c17cf660185
This commit is contained in:
Olaf Bergmann
2022-07-06 17:57:00 +02:00
parent 5c24c6c037
commit 7bdce7f158
1 changed files with 2 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
dtls.c
View File

@@ -3884,9 +3884,7 @@ handle_0_verified_client_hello(dtls_context_t *ctx, dtls_ephemeral_peer_t *ephem
dtls_peer_t *peer = dtls_get_peer(ctx, ephemeral_peer->session);
if (peer) {
dtls_debug("removing the peer, new handshake\n");
DEL_PEER(ctx->peers, peer);
dtls_free_peer(peer);
dtls_destroy_peer(ctx, peer, 0);
peer = NULL;
}
dtls_debug("creating new peer\n");
@@ -3928,8 +3926,7 @@ handle_0_verified_client_hello(dtls_context_t *ctx, dtls_ephemeral_peer_t *ephem
err = handle_verified_client_hello(ctx, peer, data, data_length);
if (err < 0) {
DEL_PEER(ctx->peers, peer);
dtls_free_peer(peer);
dtls_destroy_peer(ctx, peer, DTLS_DESTROY_CLOSE);
return err;
}