Fix a use-after-free in qrx_proces_pkt
author Matt Caswell <matt@openssl.org>
Thu, 12 Oct 2023 14:42:22 +0000 (15:42 +0100)
committer Matt Caswell <matt@openssl.org>
Mon, 23 Oct 2023 09:08:12 +0000 (10:08 +0100)
commit 1f8a8c1de90ebdb4f3c9dbbf3d1329e3f025e946
tree 69177e8e74b2e6075921d9e244cb98754cbd0d13
parent 94300d8de224e2135e75439e6b9c63eb7ad61fdf
Fix a use-after-free in qrx_proces_pkt

When calling qrx_relocate_buffer, both the rxe and the pointer to the token
may be changing locations. We have to use a temporary copy of the token
pointer to avoid referencing the old location of the rxe.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
ssl/quic/quic_record_rx.c
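
The pattern the commit message describes, shown as an added example that is not OpenSSL's code: a helper moves an entry to a new allocation and rebases a pointer through an out-parameter, so the caller must not hand it the address of a field inside the entry being moved. `ENTRY`, `relocate`, `relocate_entry` and `demo_relocation` are hypothetical names, and the packet bytes are constructed.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical entry whose token pointer aims into its own data[]. */
typedef struct entry {
    const unsigned char *token;
    size_t data_len;
    unsigned char data[];
} ENTRY;

/* Move *pe to a new allocation, free the old one, then rebase *pptr. */
static int relocate(ENTRY **pe, const unsigned char **pptr)
{
    ENTRY *old = *pe;
    size_t off = (size_t)(*pptr - old->data);
    ENTRY *fresh = malloc(sizeof(*fresh) + old->data_len);
    if (fresh == NULL) return 0;
    memcpy(fresh, old, sizeof(*old) + old->data_len);
    free(old);
    *pe = fresh;
    *pptr = fresh->data + off; /* lands wherever the caller's pptr aims */
    return 1;
}

/* Unsafe shape: relocate(&e, &e->token) passes the address of a field in the
 * OLD entry, so the last write in relocate() would hit freed memory.
 * Safe shape: pass a stack temporary, then store it in the moved entry. */
static int relocate_entry(ENTRY **pe)
{
    const unsigned char *token = (*pe)->token;
    if (!relocate(pe, &token)) return 0;
    (*pe)->token = token;
    return 1;
}

/* Constructed sample: 3-byte header, 5-byte token, payload. Returns 1 on success. */
int demo_relocation(void)
{
    static const unsigned char pkt[] = "hdrTOKENpayload";
    ENTRY *e = malloc(sizeof(*e) + sizeof(pkt));
    int ok;
    if (e == NULL) return 0;
    memcpy(e->data, pkt, sizeof(pkt));
    e->data_len = sizeof(pkt);
    e->token = e->data + 3;
    ok = relocate_entry(&e) && e->token == e->data + 3
        && memcmp(e->token, "TOKEN", 5) == 0;
    free(e);
    return ok;
}
int main(void) { return demo_relocation() ? 0 : 1; }
```

Building this with AddressSanitizer (`-fsanitize=address`) and swapping in the unsafe call shape from the comment makes the write to the freed entry visible at runtime.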