generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

PR: 2314

Browse Source 
Submitted by: Mounir IDRASSI <mounir.idrassi@idrix.net>
Reviewed by: steve

Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
This commit is contained in:
Dr. Stephen Henson 2010-10-10 12:15:47 +00:00
parent 983768997e
commit 5759425810
2 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGES
View File

@ -173,6 +173,9 @@
Changes between 0.9.8n and 1.0.0 [29 Mar 2010] Changes between 0.9.8n and 1.0.0 [29 Mar 2010]
*) Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
[Steve Henson]
*) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher *) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher
context. The operation can be customised via the ctrl mechanism in context. The operation can be customised via the ctrl mechanism in
case ENGINEs want to include additional functionality. case ENGINEs want to include additional functionality.

1
ssl/s3_clnt.c
View File

@ -1526,6 +1526,7 @@ int ssl3_get_key_exchange(SSL *s)
s->session->sess_cert->peer_ecdh_tmp=ecdh; s->session->sess_cert->peer_ecdh_tmp=ecdh;
ecdh=NULL; ecdh=NULL;
BN_CTX_free(bn_ctx); BN_CTX_free(bn_ctx);
bn_ctx = NULL;
EC_POINT_free(srvr_ecpoint); EC_POINT_free(srvr_ecpoint);
srvr_ecpoint = NULL; srvr_ecpoint = NULL;
} }