PR: 2072
authorDr. Stephen Henson <steve@openssl.org>
Fri, 16 Oct 2009 15:24:19 +0000 (15:24 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Fri, 16 Oct 2009 15:24:19 +0000 (15:24 +0000)
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org

Avoid potential doublefree and reuse of freed handshake_buffer.

ssl/s3_lib.c

index 7aa1c03..d6b047c 100644 (file)
@@ -2211,6 +2211,7 @@ void ssl3_clear(SSL *s)
        wlen = s->s3->wbuf.len;
        if (s->s3->handshake_buffer) {
                BIO_free(s->s3->handshake_buffer);
+               s->s3->handshake_buffer = NULL;
        }
        if (s->s3->handshake_dgst) {
                ssl3_free_digest_list(s);