TechnikEmpire / HttpFilteringEngine

Transparent filtering TLS proxy.
Mozilla Public License 2.0
60 stars 33 forks source link

Double free inside base certificate store class #135

Open TechnikEmpire opened 7 years ago

TechnikEmpire commented 7 years ago

Because we pack the same pointers in internal storage with more than one reference (using SAN's etc for each cert), all of the contexts we store could potentially get double-free'd, and this will cause access violation as sure as you were born.

Switch internal storage to shared_ptr and don't manually delete. This will cause automatic, correct cleanup.