Fix thread-safety issue in debug.c

2025-03-06 22:09:53 +00:00 · 2015-06-27 11:48:01 +02:00 · 2015-06-27 11:48:01 +02:00 · 26d88cf154
parent 5324d411da
commit 26d88cf154
3 changed files with 24 additions and 5 deletions
--- a/3
+++ b/3
@ -6,6 +6,9 @@ Security
   * Increase the minimum size of Diffie-Hellman parameters accepted by the
     lient to 1024 bits, to protect against Logjam attack.

+Bugfix
+   * Fix thread-safety issue in the SSL debug module.
+
 Changes
   * Add SSL_MIN_DHM_BYTES configuration parameter in config.h to choose the
     minimum size of Diffie-Hellman parameters accepted by the client.
--- a/include/polarssl/debug.h
+++ b/include/polarssl/debug.h
@ -30,7 +30,7 @@
 #if defined(POLARSSL_DEBUG_C)

 #define SSL_DEBUG_MSG( level, args )                    \
-    debug_print_msg( ssl, level, __FILE__, __LINE__, debug_fmt args );
+    debug_print_msg_free( ssl, level, __FILE__, __LINE__, debug_fmt args );

 #define SSL_DEBUG_RET( level, text, ret )                \
    debug_print_ret( ssl, level, __FILE__, __LINE__, text, ret );
@ -60,6 +60,9 @@ extern "C" {

 char *debug_fmt( const char *format, ... );

+void debug_print_msg_free( const ssl_context *ssl, int level,
+                           const char *file, int line, char *text );
+
 void debug_print_msg( const ssl_context *ssl, int level,
                      const char *file, int line, const char *text );

--- a/library/debug.c
+++ b/library/debug.c
@ -37,20 +37,33 @@
 #define vsnprintf _vsnprintf
 #endif

+#define DEBUG_BUF_SIZE  512
+
 char *debug_fmt( const char *format, ... )
 {
    va_list argp;
-    static char str[512];
-    int maxlen = sizeof( str ) - 1;
+    char *str = malloc( DEBUG_BUF_SIZE );
+
+    if( str == NULL )
+        return( NULL );

    va_start( argp, format );
-    vsnprintf( str, maxlen, format, argp );
+    vsnprintf( str, DEBUG_BUF_SIZE - 1, format, argp );
    va_end( argp );

-    str[maxlen] = '\0';
+    str[DEBUG_BUF_SIZE - 1] = '\0';
    return( str );
 }

+void debug_print_msg_free( const ssl_context *ssl, int level,
+                           const char *file, int line, char *text )
+{
+    if( text != NULL )
+        debug_print_msg( ssl, level, file, line, text );
+
+    free( text );
+}
+
 void debug_print_msg( const ssl_context *ssl, int level,
                      const char *file, int line, const char *text )
 {