[openssl-dev] [openssl.org #3861] [patch] Fix memory leak in req
Hanno Boeck via RT
rt at openssl.org
Mon May 25 20:02:00 UTC 2015
The code in apps/req.c will use the variable out for both the key and
the csr outfile.
This causes a memory leak because if both a private key and a csr is
written the variable is re-used without freeing it.
See attached patch. (This could also be fixed by using a different var
for both files, could be considered more consistent, but I decided to
use a less invasive patch that just needs to add a single line.)
Please apply patch.
--
Hanno Böck
http://hboeck.de/
mail/jabber: hanno at hboeck.de
GPG: BBB51E42
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openssl-leakfixes-req.diff
Type: text/x-patch
Size: 249 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150525/b70d6570/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150525/b70d6570/attachment.sig>
More information about the openssl-dev
mailing list