projects / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 23d221b)
Coverity fix in apps/oscp
authorFdaSilvaYY <fdasilvayy@gmail.com>
Sun, 7 Oct 2018 19:47:31 +0000 (21:47 +0200)
committerDr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Sat, 22 Dec 2018 17:11:35 +0000 (18:11 +0100)
CID 1440002 (#1 of 1): Use after free (USE_AFTER_FREE)
Not a deadly error, because error was just before app exit.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7359)

apps/ocsp.c patch | blob | history

diff --git a/apps/ocsp.c b/apps/ocsp.c
index c129e9e514c8b05d22a7eb93ac4467005ed5fab3..fb0a95ba745828209eb9827525142b1cafdbbdda 100644 (file)
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -863,6 +863,7 @@ static void killall(int ret, pid_t *kidpids)
     for (i = 0; i < multi; ++i)
         if (kidpids[i] != 0)
             (void)kill(kidpids[i], SIGTERM);
+    OPENSSL_free(kidpids);
     sleep(1);
     exit(ret);
 }
@@ -977,7 +978,6 @@ static void spawn_loop(void)
     }
 
     /* The loop above can only break on termsig */
-    OPENSSL_free(kidpids);
     syslog(LOG_INFO, "terminating on signal: %d", termsig);
     killall(0, kidpids);
 }
Unnamed repository; edit this file 'description' to name the repository.