The following is a patch for crypto/pem/pem_lib.c
on openssl-0.9.6g
408,409c408,412
< memset(data,0,(unsigned int)dsize);
< OPENSSL_free(data);
---
> if (data)
> {
> memset(data,0,(unsigned int)dsize);
> OPENSSL_free(data);
> }
This is because it is possible to end up at this code from
a couple of "goto err"s prior to allocating data.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
