Environment:
db version v3.1.1-pre-
git version: 5e7aa5c9efdea28cc82ff8d0ea0e3a76cf5c94f8
OpenSSL version: OpenSSL 1.0.1m-fips 19 Mar 2015
Scenario:
Low bit corruption with SSL enabled
Problem:
- Memory allocated in here
- SSLConnection* sslConn = new SSLConnection(_serverContext, socket, initialBytes, len);
- Memory has not been released during the error handler _handleSSLError()
consider replacing the sslconnection w/ auto release pointer
* socket, const char* initialBytes, int len) { SSLConnection* sslConn = new SSLConnection(_serverContext, socket, initialBytes, len); ScopeGuard sslGuard = MakeGuard(::SSL_free, sslConn->ssl); ScopeGuard bioGuard = MakeGuard(::BIO_free, sslConn->networkBIO); int ret; do { ret = ::SSL_accept(sslConn->ssl); } while(!_doneWithSSLOp(sslConn, ret)); if (ret != 1) _handleSSLError(SSL_get_error(sslConn, ret), ret); sslGuard.Dismiss(); bioGuard.Dismiss();