[openssl-dev] Null pointer dereferences?
Salz, Rich
rsalz at akamai.com
Tue May 9 01:55:59 UTC 2017
> The first was in crypto/async/async_wait.c on line 157. `prev` is assigned to
> NULL on 144, and it doesn't look like it is assigned to anything in the while
> loop.
Line 177.
> - OPENSSL_free(clienthello->pre_proc_exts);
> + if(clienthello) {
> + OPENSSL_free(clienthello->pre_proc_exts);
> + }
Without the curly braces :) yes, this seems like a bug.
More information about the openssl-dev
mailing list