projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 70dc09e) | patch
PR: 2009
authorDr. Stephen Henson <steve@openssl.org>
Wed, 2 Sep 2009 13:20:32 +0000 (13:20 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Wed, 2 Sep 2009 13:20:32 +0000 (13:20 +0000)
commit3d9b105fe042b4986467ec12d881fa8a33ecd9ec
tree3701125aee26b755c61f01f70218103fe1639521tree | snapshot
parent70dc09ebe439f181e8472b2a8dcd4092591b5db4commit | diff
PR: 2009
Submitted by: "Alexei Khlebnikov" <alexei.khlebnikov@opera.com>
Approved by: steve@openssl.org

Avoid memory leak and fix error reporting in d2i_SSL_SESSION(). NB: although
the ticket mentions buffer overruns this isn't a security issue because
the SSL_SESSION structure is generated internally and it should never be
possible to supply its contents from an untrusted application (this would
among other things destroy session cache security).
ssl/ssl_asn1.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.