subject:"\[openssl\-dev\] \[openssl.org #4403\] \[PATCH\] prevent OPENSSL_realloc\(\) from clobbering old pointer value on failure in OpenSSL\-1.1 pre\-4"

[openssl-dev] [openssl.org #4403] [PATCH] prevent OPENSSL_realloc() from clobbering old pointer value on failure in OpenSSL-1.1 pre-4

2016-05-12 Thread Stephen Henson via RT

Fixed now, along with a few similar cases. Thanks for the report. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4403 Please log in as guest with

[openssl-dev] [openssl.org #4403] [PATCH] prevent OPENSSL_realloc() from clobbering old pointer value on failure in OpenSSL-1.1 pre-4

2016-03-09 Thread Bill Parker via RT

Hello All, In reviewing code in directory 'crypto/modes', file 'ocb128.c', there is a call to OPENSSL_realloc() which has the potential to clobber the old value of variable 'ctx->l', if the call returns NULL. The patch file below uses a void *tmp_ptr to prevent this from occuring: ---