[openssl-dev] [openssl.org #4401] [PATCH] plug potential memory leak(s) in OpenSSL 1.1 pre 4 in 'ec_lib.c'

David Benjamin davidben at google.com
Thu Mar 10 15:51:19 UTC 2016


By the way, returning the original subject, I don't believe there is a leak
here.

If EC_GROUP_copy fails, dest still exists and is owned by the caller. It's
the caller's obligation to call EC_GROUP_free and that will release the
partially-copied EC_GROUP. (Which will, with this patch, cause a
double-free because the unnecessarily freed pointers aren't nulled.)

David

On Wed, Mar 9, 2016 at 1:00 PM Bill Parker via RT <rt at openssl.org> wrote:

> Geez,
>
>     What did I start here (egad) :)
>
> Bill
>
> On Wed, Mar 9, 2016 at 5:03 AM, Salz, Rich via RT <rt at openssl.org> wrote:
>
> > > No, you got that right, NULL being 'safe' to free varies with OS.
> >
> > Except we mandate ANSI C which means it's portable :)
> >
> > --
> > Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4401
> > Please log in as guest with password guest if prompted
> >
> >
>
> --
> Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4401
> Please log in as guest with password guest if prompted
>
> --
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160310/1cbc29f6/attachment-0001.html>


More information about the openssl-dev mailing list