[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

Viktor Dukhovni viktor at openssl.org
Sat Feb 10 02:09:48 UTC 2018


The branch OpenSSL_1_1_0-stable has been updated
       via  04f53be990f9d1d7c5f7b8f10568df6ebafccf65 (commit)
      from  5a91d3888832d96400630e76a15121ead56aeeec (commit)


- Log -----------------------------------------------------------------
commit 04f53be990f9d1d7c5f7b8f10568df6ebafccf65
Author: Viktor Dukhovni <openssl-users at dukhovni.org>
Date:   Fri Feb 9 18:34:33 2018 -0500

    Avoid leaking peername data via accept BIOs
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (cherry picked from commit 4e0752535eb87b9aab4cf193f4422b5801ab7b32)

-----------------------------------------------------------------------

Summary of changes:
 crypto/bio/bss_acpt.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/crypto/bio/bss_acpt.c b/crypto/bio/bss_acpt.c
index f0fe7f0..4be4781 100644
--- a/crypto/bio/bss_acpt.c
+++ b/crypto/bio/bss_acpt.c
@@ -271,6 +271,11 @@ static int acpt_state(BIO *b, BIO_ACCEPT *c)
             BIO_clear_retry_flags(b);
             b->retry_reason = 0;
 
+            OPENSSL_free(c->cache_peer_name);
+            c->cache_peer_name = NULL;
+            OPENSSL_free(c->cache_peer_serv);
+            c->cache_peer_serv = NULL;
+
             s = BIO_accept_ex(c->accept_sock, &c->cache_peer_addr,
                               c->accepted_mode);
 


More information about the openssl-commits mailing list