projects / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 295c629)
RT3682: Avoid double-free on OCSP parse error
authorRich Salz <rsalz@openssl.org>
Tue, 23 Jun 2015 12:14:24 +0000 (08:14 -0400)
committerRich Salz <rsalz@openssl.org>
Tue, 23 Jun 2015 12:14:24 +0000 (08:14 -0400)
Found by Kurt Cancemi

(Manual cherry-pick of f8e427154bbc0c33f29fa7aad001b1b655e5995b)
Reviewed-by: Matt Caswell <matt@openssl.org>
apps/ocsp.c patch | blob | history

diff --git a/apps/ocsp.c b/apps/ocsp.c
index b858b8d3ee0023b3c5acc42ffd699df5e2d2cf90..926083dd1b5cc19909a5ef8a6bc23e216783d9da 100644 (file)
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -209,6 +209,7 @@ int MAIN(int argc, char **argv)
                 OPENSSL_free(tport);
             if (tpath)
                 OPENSSL_free(tpath);
+            thost = tport = tpath = NULL;
             if (args[1]) {
                 args++;
                 if (!OCSP_parse_url(*args, &host, &port, &path, &use_ssl)) {
Unnamed repository; edit this file 'description' to name the repository.