The branch OpenSSL_1_0_2-stable has been updated
       via  ec8f246e6ed4d39a8a5417078eaa49f3e757c25d (commit)
      from  b1d7eaaccfeece198c268912ec015a089fdaed39 (commit)


- Log -----------------------------------------------------------------
commit ec8f246e6ed4d39a8a5417078eaa49f3e757c25d
Author: Matt Caswell <[email protected]>
Date:   Thu May 5 09:35:10 2016 +0100

    Fix a double free in tls1_setup_key_block
    
    If p2 == NULL then p1 can get freed twice and a crash could occur.
    
    Issue reported by Shi Lei (Qihoo 360 Inc)
    
    Reviewed-by: Viktor Dukhovni <[email protected]>

-----------------------------------------------------------------------

Summary of changes:
 ssl/t1_enc.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 514fcb3..b6d1ee9 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -673,7 +673,6 @@ int tls1_setup_key_block(SSL *s)
 
     if ((p2 = (unsigned char *)OPENSSL_malloc(num)) == NULL) {
         SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE);
-        OPENSSL_free(p1);
         goto err;
     }
 #ifdef TLS_DEBUG
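Review bot: In the `p2 == NULL` branch, nothing visible after the removed `OPENSSL_free(p1);` shows where `p1` is released now, so the fix relies on code outside this hunk. The commit message says `p1` could be freed twice, which implies a second free exists elsewhere, but neither the message nor the code names it. Consider a one-line comment above `goto err;` stating which path owns and frees `p1`, so a later reader does not take the branch for a leak and re-add the free. It is also worth confirming that the remaining free runs exactly once on this failure path and that no pointer to `p1` is used after it.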
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
