Not tested, as the offending code flow is quite obvious "in hindsight", and
making the pointer NULL after free() is a sufficient safeguard against
double free().  A slightly more readable construction could have used
to different "info" variables for the two different scopes, each with
its own individual free(), exactly one per variable... but that's a
larger change.

Your patch has been applied to the master branch.

Application to 2.6 and earlier is not needed, the offending code is new
(e9ad1b3 or 3512e8d).

commit f7aedca70e24e9a35f0cbd33d1aa708b4daf0055
Author: Lev Stipakov
Date:   Thu Apr 17 15:46:30 2025 +0200

     ssl_openssl.c: Prevent potential double-free

     Signed-off-by: Lev Stipakov <l...@openvpn.net>
     Acked-by: Antonio Quartulli <anto...@mandelbit.com>
     Message-Id: <20250417134636.21279-1-g...@greenie.muc.de>
     URL: 
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg31478.html
     Signed-off-by: Gert Doering <g...@greenie.muc.de>


--
kind regards,

Gert Doering



_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Reply via email to