Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Segmentation fault possible in md_acme_order.c:check_challenges() #324

Closed
bitscher opened this issue Oct 31, 2023 · 2 comments
Closed

Segmentation fault possible in md_acme_order.c:check_challenges() #324

bitscher opened this issue Oct 31, 2023 · 2 comments

Comments

@bitscher
Copy link

bitscher commented Oct 31, 2023
edited
Loading

In function

mod_md/src/md_acme_order.c

Line 497 in 1e105f8

static apr_status_t check_challenges(void *baton, int attempt)

Call to md_acme_authz_retrieve() can fail and authz will be set to NULL.
Dereferencing it in the error handling will result in a segmentation fault.

mod_md/src/md_acme_order.c

Lines 510 to 511 in 1e105f8

rv = md_acme_authz_retrieve(ctx->acme, ctx->p, url, &authz);
if (APR_SUCCESS == rv) {

mod_md/src/md_acme_order.c

Lines 538 to 542 in 1e105f8

}
else {
md_result_printf(ctx->result, rv, "authorization retrieval failed for domain %s",
authz->domain);
}

icing added a commit that referenced this issue Oct 31, 2023
@icing
Fix deref of possible NULL pointer when ACME server responded with error
baa693f 
- refs #324
- when an order could not be retrieved from the ACME server, this was
  logged using the NULL item which could not be retrieved. Now reporting
  the context name and the URL in error
@icing icing mentioned this issue Oct 31, 2023
Merged
@icing
Copy link
Owner

icing commented Oct 31, 2023

Thanks for the report! This indeed looks wrong. Please see #325 for a fix.

@icing
Copy link
Owner

icing commented Oct 31, 2023

release in v2.4.25

@icing icing closed this as completed Oct 31, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@icing @bitscher