From bc4b7f08ba575cca2e7101d93b365a3a942645e5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Sat, 7 Sep 2013 15:04:26 +0200 Subject: [PATCH] Fix possible race in ssl_list_ciphersuites() Thread A: executing for loop of ssl_list_ciphersuites() Thread B: call ssl_list_cipher_suites(), see init == 0 Thread A: return, start using the result Thread B: memset(0) on the list used by thread A --- library/ssl_ciphersuites.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 6089ca802..fdd7348dc 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -844,14 +844,12 @@ const int *ssl_list_ciphersuites( void ) size_t i; size_t max = sizeof(supported_ciphersuites) / sizeof(int); - memset( supported_ciphersuites, 0x00, sizeof(supported_ciphersuites) ); - - /* Leave room for a final 0 */ for( i = 0; i < max - 1 && p[i] != 0; i++ ) { if( ssl_ciphersuite_from_id( p[i] ) != NULL ) *(q++) = p[i]; } + *q = 0; supported_init = 1; }