[stunnel-users] Possible use-after-free in stunnel 4.52

Michal Trojnara Michal.Trojnara at mirt.net
Wed Feb 1 16:35:27 CET 2012

David Shaw wrote:
> I am using stunnel 4.52 in client mode with exec and connect.  The
> client program that stunnel execs periodically exits, and is properly
> re-started by stunnel, as I have "retry = yes" set.  However, after a
> retry, I occasionally get a segfault inside one of the OpenSSL
> libraries.  It does not happen right away, but once it happens, every
> retry causes the same segfault.

I confirm your observation.

While investigating this issue I noticed that also c->err is 
uninitialized in connect_local().

Please try:


More information about the stunnel-users mailing list