[openssl-dev] [openssl.org #3782] bug/leak in crypto/ec/ecp_smpl.c

Salz, Rich via RT rt at openssl.org
Mon Apr 6 12:45:10 UTC 2015

Previous message: [openssl-dev] [PATCH] remove double initialization of cryptodev engine
Next message: [openssl-dev] [openssl.org #3783] missing null pointer check in x509_lu.c
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

around line 135.  The old code has a memory leak, only freeing the BN if
it's NULL.

- if (!group->field)
-     BN_free(group->field);
- if (!group->a)
-     BN_free(group->a);
- if (!group->b)
-     BN_free(group->b);
+ BN_free(group->field);
+ BN_free(group->a);
+ BN_free(group->b);
.

Previous message: [openssl-dev] [PATCH] remove double initialization of cryptodev engine
Next message: [openssl-dev] [openssl.org #3783] missing null pointer check in x509_lu.c
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the openssl-dev mailing list