[openssl-commits] [openssl] master update

bernd.edlinger at hotmail.de bernd.edlinger at hotmail.de
Mon Jul 10 14:37:46 UTC 2017 

The branch master has been updated
       via  aa8dfbc421c1bcb5ba508802629c8005340f3a9e (commit)
       via  e1ca9e1f6db97052a0ebea6591f323b12b1e0020 (commit)
      from  c7c7a8e60155d839671297d80680e6010bff2897 (commit)


- Log -----------------------------------------------------------------
commit aa8dfbc421c1bcb5ba508802629c8005340f3a9e
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date:   Sun Jul 9 21:24:18 2017 +0200

    Fix error handling in get_header_and_data.
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>
    Reviewed-by: Ben Kaduk <kaduk at mit.edu>
    (Merged from https://github.com/openssl/openssl/pull/3896)

commit e1ca9e1f6db97052a0ebea6591f323b12b1e0020
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date:   Sun Jul 9 21:22:26 2017 +0200

    Fix crash in BUF_MEM_grow_clean.
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>
    Reviewed-by: Ben Kaduk <kaduk at mit.edu>
    (Merged from https://github.com/openssl/openssl/pull/3896)

-----------------------------------------------------------------------

Summary of changes:
 crypto/buffer/buffer.c | 6 ++++--
 crypto/pem/pem_lib.c   | 3 ++-
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/crypto/buffer/buffer.c b/crypto/buffer/buffer.c
index 6b0bd4a..ad7128a 100644
--- a/crypto/buffer/buffer.c
+++ b/crypto/buffer/buffer.c
@@ -62,9 +62,11 @@ static char *sec_alloc_realloc(BUF_MEM *str, size_t len)
 
     ret = OPENSSL_secure_malloc(len);
     if (str->data != NULL) {
-        if (ret != NULL)
+        if (ret != NULL) {
             memcpy(ret, str->data, str->length);
-        OPENSSL_secure_free(str->data);
+            OPENSSL_secure_free(str->data);
+            str->data = NULL;
+        }
     }
     return (ret);
 }
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index aacdad9..2a52aca 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -859,7 +859,8 @@ static int get_header_and_data(BIO *bp, BIO **header, BIO **data, char *name,
          * Else, a line of text -- could be header or data; we don't
          * know yet.  Just pass it through.
          */
-        BIO_puts(tmp, linebuf);
+        if (BIO_puts(tmp, linebuf) < 0)
+            goto err;
         /*
          * Only encrypted files need the line length check applied.
          */

More information about the openssl-commits mailing list