The X509_VERIFY_PARAM_new() function looks like this in 1.0.0:

X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void)
        {
        X509_VERIFY_PARAM *param;
        param = OPENSSL_malloc(sizeof(X509_VERIFY_PARAM));
        memset(param, 0, sizeof(X509_VERIFY_PARAM));
        x509_verify_param_zero(param);
        return param;
        }

The return value of OPENSSL_malloc() is not checked, resulting in a crash if it 
is NULL.

Let me know if you need any other information.

Thanks,
Jamie

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]
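
The failure mode reported above, as an added example that is not part of the original message and is not OpenSSL's code. The struct, its fields, and the demo_* names are hypothetical stand-ins, and the allocator wrapper injects a simulated out-of-memory condition so the checked constructor can be exercised on the failure path.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for X509_VERIFY_PARAM; the field names are assumptions. */
typedef struct {
    char *name;
    unsigned long flags;
    int depth;
} demo_verify_param;

/* Fault injection: fail the Nth call to demo_malloc() (0 = never fail). */
static int fail_on_call = 0;
static int call_count = 0;

static void *demo_malloc(size_t n)
{
    if (fail_on_call != 0 && ++call_count == fail_on_call)
        return NULL;            /* simulated out-of-memory */
    return malloc(n);
}

/* Pattern from the report: memset() runs even when allocation failed. */
demo_verify_param *demo_param_new_unchecked(void)
{
    demo_verify_param *param = demo_malloc(sizeof(*param));
    memset(param, 0, sizeof(*param));   /* NULL dereference on failure */
    return param;
}

/* Checked form: propagate the failure so the caller can handle it. */
demo_verify_param *demo_param_new_checked(void)
{
    demo_verify_param *param = demo_malloc(sizeof(*param));
    if (param == NULL)
        return NULL;
    memset(param, 0, sizeof(*param));
    return param;
}

/* Helper for testing: arm the allocator to fail on its next call. */
void demo_fail_next_alloc(void)
{
    call_count = 0;
    fail_on_call = 1;
}
```

Callers of the checked form must in turn test for NULL, otherwise the crash only moves one frame up the stack.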
