On Tue, Aug 11, 2020 at 03:38:52PM +0200, William Dauchy wrote: > On Tue, Aug 11, 2020 at 11:36 AM William Lallemand > <[email protected]> wrote: > > I just pushed this fix on top on your patch, the sk_X509_pop_free() was > > provoking a double free in the session release. > > > > e3a5f84 BUG/MINOR: ssl: double free w/ smp_fetch_ssl_x_chain_der() > > ok sorry for that and thanks for the fix. Strange that I did not notice it.
Don't worry about it, the old OpenSSL API is really shitty, you never knows if there is a ref up or not depending of the function... They started to fix that by putting "get0" or "get1" in the new function names. -- William Lallemand
