[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Mon Jul 2 13:47:49 UTC 2018
The branch master has been updated
via b6ff436fcb597663ffcfe6d724d207cf120e7250 (commit)
from 5281bb2252be6575ebb7a8b683e6bd160476fa2a (commit)
- Log -----------------------------------------------------------------
commit b6ff436fcb597663ffcfe6d724d207cf120e7250
Author: Matt Caswell <matt at openssl.org>
Date: Tue Jun 26 15:40:54 2018 +0100
Fix a NULL ptr deref in error path in tls_process_cke_dhe()
Fixes #6574
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6593)
-----------------------------------------------------------------------
Summary of changes:
ssl/statem/statem_srvr.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 9c44be0..26cd850 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -3129,14 +3129,13 @@ static int tls_process_cke_dhe(SSL *s, PACKET *pkt)
SSL_R_BN_LIB);
goto err;
}
+
cdh = EVP_PKEY_get0_DH(ckey);
pub_key = BN_bin2bn(data, i, NULL);
-
- if (pub_key == NULL || !DH_set0_key(cdh, pub_key, NULL)) {
+ if (pub_key == NULL || cdh == NULL || !DH_set0_key(cdh, pub_key, NULL)) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CKE_DHE,
ERR_R_INTERNAL_ERROR);
- if (pub_key != NULL)
- BN_free(pub_key);
+ BN_free(pub_key);
goto err;
}
More information about the openssl-commits
mailing list