Hi, I'm using openssl-0.9.4 on WIN32 (NT4, VC6).

I found that the public-key structure is doubly freed in function internal_verify
(crypto/x509/x509_vfy.c) in some cases.

-----
        if ((pkey=X509_get_pubkey(xi)) == NULL)         <- allocates pubkey
                {
                        : (snip)
                }
        if (X509_verify(xs,pkey) <= 0)
                {
                EVP_PKEY_free(pkey);                    <- free pubkey (*)
                        : (snip)
                }
        EVP_PKEY_free(pkey);            <- in some case, doubly freed pubkey
        pkey=NULL;
-----
Before I found this, I had a problem where the program crashed in the EVP_PKEY_free
routine with some cert combinations.

So I modified the (*) line as:
                EVP_PKEY_free(pkey);
                pkey = NULL;
It seems the problem is solved. (Is this the correct fix?)

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Takaaki Ishii
[EMAIL PROTECTED]            from Fukuoka.Japan
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
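
The control flow reported above, as an added example that is not part of the original post and not OpenSSL code. mock_pkey, mock_pkey_free and the cb_continue flag are hypothetical: the mock counts frees instead of releasing memory, and cb_continue models the snipped error branch falling through to the common free rather than returning.

```c
#include <stddef.h>
#include <stdio.h>

/* Mock stand-in for EVP_PKEY: counts frees instead of releasing memory,
   so the double free is observable without undefined behaviour. */
typedef struct { int frees; } mock_pkey;

/* Assumed NULL-safe, which the fix in the post relies on. */
static void mock_pkey_free(mock_pkey *k) { if (k != NULL) k->frees++; }

/* Same shape as the snippet in the post. verify_ok models the result of
   X509_verify; cb_continue (hypothetical) models the error branch
   falling through instead of returning. */
static int verify_original(mock_pkey *pkey, int verify_ok, int cb_continue)
{
    if (!verify_ok) {
        mock_pkey_free(pkey);        /* (*) freed, pointer left dangling */
        if (!cb_continue) return 0;
    }
    mock_pkey_free(pkey);            /* second free on the fall-through path */
    pkey = NULL;
    return 1;
}

/* With the change from the post: clear the pointer right after the free. */
static int verify_fixed(mock_pkey *pkey, int verify_ok, int cb_continue)
{
    if (!verify_ok) {
        mock_pkey_free(pkey);
        pkey = NULL;                 /* later free becomes a no-op */
        if (!cb_continue) return 0;
    }
    mock_pkey_free(pkey);
    pkey = NULL;
    return 1;
}

/* Runs one path and returns how many times the key was freed. */
static int count_frees(int fixed, int verify_ok, int cb_continue)
{
    mock_pkey k = {0};
    if (fixed) verify_fixed(&k, verify_ok, cb_continue);
    else       verify_original(&k, verify_ok, cb_continue);
    return k.frees;
}

int main(void)
{
    printf("original, verify fails, continues: %d frees\n", count_frees(0, 0, 1));
    printf("fixed,    verify fails, continues: %d frees\n", count_frees(1, 0, 1));
    return 0;
}
```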
