git.openssl.org Git - openssl.git/commit

author	Dr. Stephen Henson <steve@openssl.org>
	Thu, 18 Feb 2016 12:47:23 +0000 (12:47 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Fri, 19 Feb 2016 14:03:07 +0000 (14:03 +0000)
commit	6c88c71b4e4825c7bc0489306d062d017634eb88
tree	89c2e24b0b7702ae6fb507f640b25cdd1e01715b	tree \| snapshot
parent	c575ceffdbc38a32f1229cf30d901403c9361334	commit \| diff

Fix double free in DSA private key parsing.

Fix double free bug when parsing malformed DSA private keys.

Thanks to Adam Langley (Google/BoringSSL) for discovering this bug using
libFuzzer.

CVE-2016-0705

Reviewed-by: Emilia Käsper <emilia@openssl.org>

crypto/dsa/dsa_ameth.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom