projects / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2aa28a1)
evp_pkey_ctx_free_old_ops(): Make sure to assign NULL to freed pointers
authorRichard Levitte <levitte@openssl.org>
Tue, 29 Oct 2019 21:17:19 +0000 (22:17 +0100)
committerRichard Levitte <levitte@openssl.org>
Thu, 31 Oct 2019 11:26:59 +0000 (12:26 +0100)
Otherwise, should this function be called more than once on the same
EVP_PKEY_CTX, we get double free issues.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10292)

crypto/evp/pmeth_lib.c patch | blob | history

diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 1186e5ba3af502204185407cf85b6785dbde81d8..350d963086edb52b6eeccc5f73abcd28246729ef 100644 (file)
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -201,10 +201,14 @@ void evp_pkey_ctx_free_old_ops(EVP_PKEY_CTX *ctx)
         if (ctx->op.kex.exchprovctx != NULL && ctx->op.kex.exchange != NULL)
             ctx->op.kex.exchange->freectx(ctx->op.kex.exchprovctx);
         EVP_KEYEXCH_free(ctx->op.kex.exchange);
+        ctx->op.kex.exchprovctx = NULL;
+        ctx->op.kex.exchange = NULL;
     } else if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)) {
         if (ctx->op.sig.sigprovctx != NULL && ctx->op.sig.signature != NULL)
             ctx->op.sig.signature->freectx(ctx->op.sig.sigprovctx);
         EVP_SIGNATURE_free(ctx->op.sig.signature);
+        ctx->op.sig.sigprovctx = NULL;
+        ctx->op.sig.signature = NULL;
     }
 }
 
Unnamed repository; edit this file 'description' to name the repository.