Fix memory leak on bad inputs.

837e1b68 · Bodo Möller · ae53b299 · 837e1b68 · 837e1b68
隐藏空白更改
内联并排

Showing with 9 addition and 1 deletion

CHANGES CHANGES +6 -0

crypto/asn1/x_name.c crypto/asn1/x_name.c +3 -1

未找到文件。
--- a/CHANGES
+++ b/CHANGES
@@ -418,6 +418,9 @@

 Changes between 1.0.0d and 1.0.0e [xx XXX xxxx]

+  *) Fix x509_name_ex_d2i memory leak on bad inputs.
+     [Bodo Moeller]
+
  *) Remove hard coded ecdsaWithSHA1 signature tests in ssl code and check
     signature public key algorithm by using OID xref utilities instead.
     Before this you could only use some ECC ciphersuites with SHA1 only.
@@ -1312,6 +1315,9 @@
  
 Changes between 0.9.8r and 0.9.8s [xx XXX xxxx]

+  *) Fix x509_name_ex_d2i memory leak on bad inputs.
+     [Bodo Moeller]
+
  *) Add protection against ECDSA timing attacks as mentioned in the paper
     by Billy Bob Brumley and Nicola Tuveri, see:


--- a/crypto/asn1/x_name.c
+++ b/crypto/asn1/x_name.c
@@ -214,7 +214,9 @@ static int x509_name_ex_d2i(ASN1_VALUE **val,
 	*val = nm.a;
 	*in = p;
 	return ret;
-	err:
+err:
+        if (nm.x != NULL)
+		X509_NAME_free(nm.x);
 	ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
 	return 0;
 }