The branch master has been updated via 625679b6d79296e020bb0cad31d6ac24ad547a39 (commit) from a149f7502458dc022501c2347629cc847f2e1298 (commit)
- Log ----------------------------------------------------------------- commit 625679b6d79296e020bb0cad31d6ac24ad547a39 Author: Pauli <paul.d...@oracle.com> Date: Wed Aug 26 14:36:50 2020 +1000 EVP: NULL pctx pointer after free. Not doing so can result in a double free. Reviewed-by: Richard Levitte <levi...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12718) ----------------------------------------------------------------------- Summary of changes: crypto/evp/digest.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index f9ba59ca63..c9b4e3fd6e 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -34,8 +34,10 @@ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx) * pctx should be freed by the user of EVP_MD_CTX * if EVP_MD_CTX_FLAG_KEEP_PKEY_CTX is set */ - if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX)) + if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX)) { EVP_PKEY_CTX_free(ctx->pctx); + ctx->pctx = NULL; + } #endif EVP_MD_free(ctx->fetched_digest);