generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

PR: 2314

Browse Source 
Submitted by: Mounir IDRASSI <mounir.idrassi@idrix.net>
Reviewed by: steve

Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
This commit is contained in:
Dr. Stephen Henson 2010-10-10 12:27:19 +00:00
parent b9e468c163
commit 3fa29765fd
2 changed files with 4 additions and 0 deletions

3
CHANGES

@ -893,6 +893,9 @@
Changes between 0.9.8o and 0.9.8p [xx XXX xxxx]
*) Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
[Steve Henson]
*) Don't reencode certificate when calculating signature: cache and use
the original encoding instead. This makes signature verification of
some broken encodings work correctly.

1
ssl/s3_clnt.c

@ -1509,6 +1509,7 @@ int ssl3_get_key_exchange(SSL *s)
s->session->sess_cert->peer_ecdh_tmp=ecdh;
ecdh=NULL;
BN_CTX_free(bn_ctx);
bn_ctx = NULL;
EC_POINT_free(srvr_ecpoint);
srvr_ecpoint = NULL;
}