Fix double frees.

4ba5e63b · Ben Laurie · 9330a85e · 4ba5e63b · 4ba5e63b · 4ba5e63b
隐藏空白更改
内联并排

Showing with 5 addition and 0 deletion

CHANGES CHANGES +3 -0

crypto/pkcs7/pk7_doit.c crypto/pkcs7/pk7_doit.c +1 -0

crypto/ts/ts_rsp_verify.c crypto/ts/ts_rsp_verify.c +1 -0

未找到文件。
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,9 @@

 Changes between 1.0.2 and 1.1.0  [xx XXX xxxx]

+  *) Fix some double frees. These are not thought to be exploitable.
+     [mancha <mancha1@zoho.com>]
+
  *) A missing bounds check in the handling of the TLS heartbeat extension
     can be used to reveal up to 64k of memory to a connected client or
     server.

--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -928,6 +928,7 @@ int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)
 	if (EVP_DigestSignUpdate(&mctx,abuf,alen) <= 0)
 		goto err;
 	OPENSSL_free(abuf);
+	abuf = NULL;
 	if (EVP_DigestSignFinal(&mctx, NULL, &siglen) <= 0)
 		goto err;
 	abuf = OPENSSL_malloc(siglen);

--- a/crypto/ts/ts_rsp_verify.c
+++ b/crypto/ts/ts_rsp_verify.c
@@ -629,6 +629,7 @@ static int TS_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
 	X509_ALGOR_free(*md_alg);
 	OPENSSL_free(*imprint);
 	*imprint_len = 0;
+	*imprint = 0;
 	return 0;
 	}