The following is a patch for crypto/pem/pem_lib.c
on openssl-0.9.6g
408,409c408,412
memset(data,0,(unsigned int)dsize);
OPENSSL_free(data);
---
if (data)
{
memset(data,0,(unsigned int)dsize);
OPENSSL_free(data);
}
This is because it is possible to end up at this code from
a couple of goto errs prior to allocating data.
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]