projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3e3aadd) | patch
Fix a possible use-after-free in custom_exts_free
authorBernd Edlinger <bernd.edlinger@hotmail.de>
Mon, 20 Nov 2023 09:05:49 +0000 (10:05 +0100)
committerRichard Levitte <levitte@openssl.org>
Wed, 22 Nov 2023 08:34:55 +0000 (09:34 +0100)
commitbc0773bbbd4d3ace6957385f1f22a5cda25dc94f
tree6a97e683f1afac60da00920547e623add13b7e94tree | snapshot
parent3e3aadd51cae1fbfb512cf4a0999d16c6a2888bdcommit | diff
Fix a possible use-after-free in custom_exts_free

This may happen when ssl_cert_dup calls custom_exts_copy, where
a possible memory allocation error causes custom_exts_free
to be called twice: once in the error handling of custom_exts_copy
and a second time in the error handling of ssl_cert_dup.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22772)
ssl/statem/extensions_cust.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.