[openssl/openssl] bc0773: Fix a possible use-after-free in custom_exts_free
Bernd Edlinger
noreply at github.com
Wed Nov 22 08:38:08 UTC 2023
Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: bc0773bbbd4d3ace6957385f1f22a5cda25dc94f
https://github.com/openssl/openssl/commit/bc0773bbbd4d3ace6957385f1f22a5cda25dc94f
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date: 2023-11-22 (Wed, 22 Nov 2023)
Changed paths:
M ssl/statem/extensions_cust.c
Log Message:
-----------
Fix a possible use-after-free in custom_exts_free
This may happen when ssl_cert_dup calls custom_exts_copy, where
a possible memory allocation error causes custom_exts_free
to be called twice: once in the error handling of custom_exts_copy
and a second time in the error handling of ssl_cert_dup.
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22772)
More information about the openssl-commits
mailing list