id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc	uname	nginx_version
235	segfault with SNI and ssl_session_cache asymmetrical configuration	Antony Dovgal	somebody	"Nginx 1.2.4 segfaults in ngx_ssl_new_session():

Program terminated with signal 11, Segmentation fault.
#0  0x000000000043bdb4 in ngx_ssl_new_session (ssl_conn=0xe225760, sess=0xf53f80) at src/event/ngx_event_openssl.c:1678
1678    src/event/ngx_event_openssl.c: No such file or directory.
        in src/event/ngx_event_openssl.c
(gdb) p shm_zone 
$1 = (ngx_shm_zone_t *) 0x0

The crash is only reproducible when using several SSL certificates AND using Safari on Mac as a browser.
Not reproducible with Firefox/Chrome/whatever on the same Mac.

The crash is caused by SSL_CTX_get_ex_data() returning NULL, which is then dereferenced without a check. Since this check is absent in trunk, I suppose the bug is reproducible there, too.

The fix seems to be quite simple, see attached patch."	defect	closed	minor		nginx-core	1.2.x	fixed			Linux www1 2.6.32.59-32.32-default #1 SMP 2012-05-29 21:43:39 +0200 x86_64 x86_64 x86_64 GNU/Linux	"nginx version: nginx/1.2.4
built by gcc 4.3.4 [gcc-4_3-branch revision 152973] (SUSE Linux) 
TLS SNI support enabled
configure arguments: --with-debug --add-module=../ngx_http_cashew_module.git --add-module=../ngx_http_cc_module.git --add-module=../ngx_http_ip_tos_module.git --add-module=../ngx_http_jpegresize_module.git --add-module=../ngx_http_pinba_module.git --add-module=../ngx_http_rangemap_module.git --add-module=../ngx_http_tcp_tweak_module.git --prefix=/local/nginx --add-module=../substitutions4nginx-read-only --with-openssl=../openssl-1.0.1c --with-pcre=../pcre-8.31 --with-pcre-jit --with-cc-opt='-g3 -O0 -DNGX_HAVE_ACCEPT4=1 -DNGX_HAVE_OPENAT=0 -I../ipp_7.0.6.293_intel64.git/include -I../libjpeg-turbo-1.2.1' --with-http_stub_status_module --with-http_realip_module --with-http_flv_module --with-http_gzip_static_module --with-http_ssl_module"
