Fix heap use after free in TLS conn on errors

When a error causes the TLS connection to fail and stop, the conn struct is free on Tls_close_by_key(), so writing to conn->in_connect is not correct after that point. The solution is to only set the flag when the it is still valid. Reported-by: Alex <a1ex@dismail.de> Link: https://lists.mailman3.com/hyperkitty/list/dillo-dev@mailman3.com/thread/TY2JYCIPC7IQ32U6VC7ZOV3FVFFOE5K3/
author: Rodrigo Arias Mallo <rodarima@gmail.com> 2024-08-29 00:38:12 +0200
committer: Rodrigo Arias Mallo <rodarima@gmail.com> 2024-09-11 09:09:25 +0200
commit: 9b6c641637551a9946ca649c04e0a9fe3d39b05d (patch)
tree: 09d679096f18b98ae10326d225bf502c043d6880 /ChangeLog
parent: 8faec1d33e19bf86e2a1131daa48736e91497b67 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 5cb66591..a60b249a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -20,6 +20,7 @@ dillo-3.2.0 [Not released yet]
    GNU extensions.
  - Perform an emergency stop of the layout engine loop after 1000 iterations to
    prevent a hang.
+ - Fix use-after-free on errors in TLS connection.
    Patches: Rodrigo Arias Mallo
 +- Add primitive support for SVG using the nanosvg.h library.
    Patches: dogma, Rodrigo Arias Mallo
author	Rodrigo Arias Mallo <rodarima@gmail.com>	2024-08-29 00:38:12 +0200
committer	Rodrigo Arias Mallo <rodarima@gmail.com>	2024-09-11 09:09:25 +0200
commit	9b6c641637551a9946ca649c04e0a9fe3d39b05d (patch)
tree	09d679096f18b98ae10326d225bf502c043d6880 /ChangeLog
parent	8faec1d33e19bf86e2a1131daa48736e91497b67 (diff)