Hi,
On 01/06/2023 11:57, Arne Schwabe wrote:
In many scenerios the context will still have a reference to the cipher, so
scenerios -> scenarios
this use-after-free does not explode but it is still wrong.
Good catch - glad we're so lucky :-)
Change-Id:
In many scenerios the context will still have a reference to the cipher, so
this use-after-free does not explode but it is still wrong.
Change-Id: I59002d6613eaef36d5a47b20b56073e399cfa1df
Signed-off-by: Arne Schwabe
---
src/openvpn/crypto_openssl.c | 3 ++-
1 file changed, 2 insertions(+), 1
This part of the function is not used by any part of
our source code. It looks also broken if called with kt!=NULL
The function cipher_kt_key_size expects its argument to be not
NULL and would break. So remove the unused code instead of fixing
it.
Found by Coverity.
Change-Id: