projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix the ECDSA timing attack mentioned in the paper at:
[openssl.git] / crypto / ocsp / ocsp_lib.c
diff --git a/crypto/ocsp/ocsp_lib.c b/crypto/ocsp/ocsp_lib.c
index 0090bc267c418a7cfcd0dc6bcde1ceaf9e14437d..a94dc838eecbfc84ecae6a14c9acb88bdc9234ec 100644 (file)
--- a/crypto/ocsp/ocsp_lib.c
+++ b/crypto/ocsp/ocsp_lib.c
@@ -171,14 +171,14 @@ int OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pss
 
        char *host, *port;
 
-       /* dup the buffer since we are going to mess with it */
-       buf = BUF_strdup(url);
-       if (!buf) goto mem_err;
-
        *phost = NULL;
        *pport = NULL;
        *ppath = NULL;
 
+       /* dup the buffer since we are going to mess with it */
+       buf = BUF_strdup(url);
+       if (!buf) goto mem_err;
+
        /* Check for initial colon */
        p = strchr(buf, ':');
 
Unnamed repository; edit this file 'description' to name the repository.