[openssl-dev] [openssl.org #3682] [PATCH] Fix double free in ocsp_main()
Kurt Cancemi via RT
rt at openssl.org
Fri Jan 30 08:02:08 UTC 2015
There is a double free in ocsp_main() the attached patch fixes the issue.
The user provides the -url argument to the ocsp utility and if
OCSP_parse_url fails it frees the variable host then the variable host
is assigned to thost and then the function goes on and goes to end and
then the variable thost is freed causing a double free.
---
Kurt Cancemi
https://www.x64architecture.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Fix-double-free-in-ocsp_main.patch
Type: text/x-patch
Size: 924 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150130/05810d42/attachment.bin>
More information about the openssl-dev
mailing list