[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
Rich Salz
rsalz at openssl.org
Sun Nov 27 01:09:02 UTC 2016
The branch OpenSSL_1_0_2-stable has been updated
via be3a7ddef6c61ef59228acd2dd5e511e3334445c (commit)
from c477f8e7165d30c5c8ca98f7409714f56dc2048c (commit)
- Log -----------------------------------------------------------------
commit be3a7ddef6c61ef59228acd2dd5e511e3334445c
Author: Vitezslav Cizek <vcizek at suse.com>
Date: Thu Nov 24 13:21:41 2016 +0100
apps/speed.c: Fix crash when config loading fails
Move rsa_key initialization in front of load_config().
If loading the config fails, rsa_key isn't initialized and may
cause invalid free() in the end: cleanup.
Remove superfluous memset.
Reviewed-by: Andy Polyakov <appro at openssl.org>
Reviewed-by: Rich Salz <rsalz at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
apps/speed.c | 10 ++++------
1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/apps/speed.c b/apps/speed.c
index f16b3c9..6cd1021 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -670,6 +670,10 @@ int MAIN(int argc, char **argv)
ecdh_b[i] = NULL;
}
# endif
+# ifndef OPENSSL_NO_RSA
+ for (i = 0; i < RSA_NUM; i++)
+ rsa_key[i] = NULL;
+# endif
if (bio_err == NULL)
if ((bio_err = BIO_new(BIO_s_file())) != NULL)
@@ -678,12 +682,6 @@ int MAIN(int argc, char **argv)
if (!load_config(bio_err, NULL))
goto end;
-# ifndef OPENSSL_NO_RSA
- memset(rsa_key, 0, sizeof(rsa_key));
- for (i = 0; i < RSA_NUM; i++)
- rsa_key[i] = NULL;
-# endif
-
if ((buf = (unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL) {
BIO_printf(bio_err, "out of memory\n");
goto end;
More information about the openssl-commits
mailing list