Commit 1c4f7b1035 for openssl.org
commit 1c4f7b10358b79a0b33619187caa2b7e3bdb6e7a
Author: Joshua Rogers <MegaManSec@users.noreply.github.com>
Date: Sun Oct 12 05:39:25 2025 +0800
crypto/bio/bss_acpt: reset accept_sock and b->num after close in ACPT_S_LISTEN failures
On BIO_listen or BIO_sock_info failure we close the socket but leave
accept_sock and b->num pointing at the old fd. Later cleanup can double
close.
Set both to INVALID_SOCKET immediately after BIO_closesocket.
Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com>
Reviewed-by: Saša NedvÄ›dický <sashan@openssl.org>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28904)
diff --git a/crypto/bio/bss_acpt.c b/crypto/bio/bss_acpt.c
index 7c55cc05de..881cfe50ca 100644
--- a/crypto/bio/bss_acpt.c
+++ b/crypto/bio/bss_acpt.c
@@ -248,6 +248,8 @@ static int acpt_state(BIO *b, BIO_ACCEPT *c)
BIO_ADDRINFO_address(c->addr_iter),
c->bind_mode)) {
BIO_closesocket(c->accept_sock);
+ c->accept_sock = (int)INVALID_SOCKET;
+ b->num = (int)INVALID_SOCKET;
goto exit_loop;
}
}
@@ -259,6 +261,8 @@ static int acpt_state(BIO *b, BIO_ACCEPT *c)
if (!BIO_sock_info(c->accept_sock, BIO_SOCK_INFO_ADDRESS,
&info)) {
BIO_closesocket(c->accept_sock);
+ c->accept_sock = (int)INVALID_SOCKET;
+ b->num = (int)INVALID_SOCKET;
goto exit_loop;
}
}