projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: da6ce18) | patch
PR: 2009
authorDr. Stephen Henson <steve@openssl.org>
Wed, 2 Sep 2009 13:20:02 +0000 (13:20 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Wed, 2 Sep 2009 13:20:02 +0000 (13:20 +0000)
commit1da61e8051a67bf449e44a38dd856740caeb0e8b
treea808ed693da95b8aa9838660c7fa7c4eacb614cdtree | snapshot
parentda6ce182795432c4ffb658d87ff2de6967b4e5e4commit | diff
PR: 2009
Submitted by: "Alexei Khlebnikov" <alexei.khlebnikov@opera.com>
Approved by: steve@openssl.org

Avoid memory leak and fix error reporting in d2i_SSL_SESSION(). NB: although
the ticket mentions buffer overruns this isn't a security issue because
the SSL_SESSION structure is generated internally and it should never be
possible to supply its contents from an untrusted application (this would
among other things destroy session cache security).
ssl/ssl_asn1.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.