[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

Rich Salz rsalz at openssl.org
Sun Nov 27 01:09:02 UTC 2016


The branch OpenSSL_1_0_2-stable has been updated
       via  be3a7ddef6c61ef59228acd2dd5e511e3334445c (commit)
      from  c477f8e7165d30c5c8ca98f7409714f56dc2048c (commit)


- Log -----------------------------------------------------------------
commit be3a7ddef6c61ef59228acd2dd5e511e3334445c
Author: Vitezslav Cizek <vcizek at suse.com>
Date:   Thu Nov 24 13:21:41 2016 +0100

    apps/speed.c: Fix crash when config loading fails
    
    Move rsa_key initialization in front of load_config().
    If loading the config fails, rsa_key isn't initialized and may
    cause invalid free() in the end: cleanup.
    Remove superfluous memset.
    
    Reviewed-by: Andy Polyakov <appro at openssl.org>
    Reviewed-by: Rich Salz <rsalz at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 apps/speed.c | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/apps/speed.c b/apps/speed.c
index f16b3c9..6cd1021 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -670,6 +670,10 @@ int MAIN(int argc, char **argv)
         ecdh_b[i] = NULL;
     }
 # endif
+# ifndef OPENSSL_NO_RSA
+    for (i = 0; i < RSA_NUM; i++)
+        rsa_key[i] = NULL;
+# endif
 
     if (bio_err == NULL)
         if ((bio_err = BIO_new(BIO_s_file())) != NULL)
@@ -678,12 +682,6 @@ int MAIN(int argc, char **argv)
     if (!load_config(bio_err, NULL))
         goto end;
 
-# ifndef OPENSSL_NO_RSA
-    memset(rsa_key, 0, sizeof(rsa_key));
-    for (i = 0; i < RSA_NUM; i++)
-        rsa_key[i] = NULL;
-# endif
-
     if ((buf = (unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL) {
         BIO_printf(bio_err, "out of memory\n");
         goto end;


More information about the openssl-commits mailing list