[openssl] OpenSSL_1_1_1-stable update

tmraz at fedoraproject.org tmraz at fedoraproject.org
Tue Oct 20 13:29:25 UTC 2020


The branch OpenSSL_1_1_1-stable has been updated
       via  7b324bb09f6313b370954fde8f2034a6055d8c2f (commit)
      from  ed7cdb954e96d463add20f584f5e7ce99560af27 (commit)


- Log -----------------------------------------------------------------
commit 7b324bb09f6313b370954fde8f2034a6055d8c2f
Author: Tomas Mraz <tmraz at fedoraproject.org>
Date:   Tue Oct 20 14:16:30 2020 +0200

    Avoid potential doublefree on dh object assigned to EVP_PKEY
    
    Fixes regression from 7844f3c784bfc93c9b94ae5a4082f9d01e82e0af
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/13194)

-----------------------------------------------------------------------

Summary of changes:
 ssl/statem/statem_clnt.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 3bf8aacfc0..fd3b79c4ef 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2150,6 +2150,7 @@ static int tls_process_ske_dhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey)
                  ERR_R_EVP_LIB);
         goto err;
     }
+    dh = NULL;
 
     if (!ssl_security(s, SSL_SECOP_TMP_DH, EVP_PKEY_security_bits(peer_tmp),
                       0, peer_tmp)) {


More information about the openssl-commits mailing list