[openssl-commits] [openssl] master update
Kurt Roeckx
kurt at openssl.org
Sat May 12 10:19:50 UTC 2018
The branch master has been updated
via 5f96a95e2562f026557f625e50c052e77c7bc2e8 (commit)
from a925e7dbf4c3bb01365c961df86da3ebfa1a6c27 (commit)
- Log -----------------------------------------------------------------
commit 5f96a95e2562f026557f625e50c052e77c7bc2e8
Author: Kurt Roeckx <kurt at roeckx.be>
Date: Sat May 12 12:08:14 2018 +0200
Set sess to NULL after freeing it.
Found by OSS-fuzz
Bug introduced in commit 61fb59238dad6452a37ec14513fae617a4faef29
Reviewed-by: Matt Caswell <matt at openssl.org>
GH: #6235
-----------------------------------------------------------------------
Summary of changes:
ssl/t1_lib.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index b312a14..c076782 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1384,6 +1384,7 @@ SSL_TICKET_STATUS tls_decrypt_ticket(SSL *s, const unsigned char *etick,
/* Some additional consistency checks */
if (slen != 0) {
SSL_SESSION_free(sess);
+ sess = NULL;
ret = SSL_TICKET_NO_DECRYPT;
goto end;
}
More information about the openssl-commits
mailing list