[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
Dr. Stephen Henson
steve at openssl.org
Thu Sep 15 11:52:54 UTC 2016
The branch OpenSSL_1_0_2-stable has been updated
via d69247598991c61dfb68d4fe3b08346b02644812 (commit)
via ea060e026dd29ea0eaf66ad8686f966c8c81eb7f (commit)
from b05f231cd97d80a2a46b6f4d0b145e84c729c39b (commit)
- Log -----------------------------------------------------------------
commit d69247598991c61dfb68d4fe3b08346b02644812
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Wed Sep 14 23:42:55 2016 +0100
Fix memory leak on realloc error.
Backport leak fix from master branch.
Thanks to Shi Lei (Gear Team, Qihoo 360 Inc.) for reporting this bug.
Reviewed-by: Rich Salz <rsalz at openssl.org>
commit ea060e026dd29ea0eaf66ad8686f966c8c81eb7f
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Wed Sep 14 23:54:12 2016 +0100
Fix memory leak on error.
Thanks to Shi Lei (Gear Team, Qihoo 360 Inc.) for reporting this bug.
Reviewed-by: Rich Salz <rsalz at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
ssl/ssl_asn1.c | 3 +++
ssl/ssl_rsa.c | 9 ++++++---
2 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index 35cc27c..499f0e8 100644
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -527,6 +527,9 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
if (os.length > SSL_MAX_SID_CTX_LENGTH) {
c.error = SSL_R_BAD_LENGTH;
c.line = __LINE__;
+ OPENSSL_free(os.data);
+ os.data = NULL;
+ os.length = 0;
goto err;
} else {
ret->sid_ctx_length = os.length;
diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
index 8202247..f679801 100644
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c
@@ -912,6 +912,8 @@ static int serverinfo_process_buffer(const unsigned char *serverinfo,
int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo,
size_t serverinfo_length)
{
+ unsigned char *new_serverinfo;
+
if (ctx == NULL || serverinfo == NULL || serverinfo_length == 0) {
SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO, ERR_R_PASSED_NULL_PARAMETER);
return 0;
@@ -928,12 +930,13 @@ int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo,
SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO, ERR_R_INTERNAL_ERROR);
return 0;
}
- ctx->cert->key->serverinfo = OPENSSL_realloc(ctx->cert->key->serverinfo,
- serverinfo_length);
- if (ctx->cert->key->serverinfo == NULL) {
+ new_serverinfo = OPENSSL_realloc(ctx->cert->key->serverinfo,
+ serverinfo_length);
+ if (new_serverinfo == NULL) {
SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO, ERR_R_MALLOC_FAILURE);
return 0;
}
+ ctx->cert->key->serverinfo = new_serverinfo;
memcpy(ctx->cert->key->serverinfo, serverinfo, serverinfo_length);
ctx->cert->key->serverinfo_length = serverinfo_length;
More information about the openssl-commits
mailing list