generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix a NULL deref in an error path

Browse Source 
The SRP_create_verifier_BN function goes to the |err| label if the |salt|
value passed to it is NULL. It is then deref'd.

Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Matt Caswell 2015-11-12 15:54:30 +00:00
parent e113c9c59d
commit 3bbd1d63e2
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
crypto/srp/srp_vfy.c
View File

@ -644,7 +644,7 @@ int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
*salt = salttmp; *salt = salttmp;
err: err:
if (*salt != salttmp) if (salt != NULL && *salt != salttmp)
BN_clear_free(salttmp); BN_clear_free(salttmp);
BN_clear_free(x); BN_clear_free(x);
BN_CTX_free(bn_ctx); BN_CTX_free(bn_ctx);