generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix memory leak on bad inputs.

Browse Source
This commit is contained in:
Bodo Möller 2011-09-05 09:57:20 +00:00
parent ae53b299fa
commit 837e1b6812
2 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CHANGES
View File

@ -418,6 +418,9 @@
Changes between 1.0.0d and 1.0.0e [xx XXX xxxx] Changes between 1.0.0d and 1.0.0e [xx XXX xxxx]
*) Fix x509_name_ex_d2i memory leak on bad inputs.
[Bodo Moeller]
*) Remove hard coded ecdsaWithSHA1 signature tests in ssl code and check *) Remove hard coded ecdsaWithSHA1 signature tests in ssl code and check
signature public key algorithm by using OID xref utilities instead. signature public key algorithm by using OID xref utilities instead.
Before this you could only use some ECC ciphersuites with SHA1 only. Before this you could only use some ECC ciphersuites with SHA1 only.
@ -1312,6 +1315,9 @@
Changes between 0.9.8r and 0.9.8s [xx XXX xxxx] Changes between 0.9.8r and 0.9.8s [xx XXX xxxx]
*) Fix x509_name_ex_d2i memory leak on bad inputs.
[Bodo Moeller]
*) Add protection against ECDSA timing attacks as mentioned in the paper *) Add protection against ECDSA timing attacks as mentioned in the paper
by Billy Bob Brumley and Nicola Tuveri, see: by Billy Bob Brumley and Nicola Tuveri, see:

2
crypto/asn1/x_name.c
View File

@ -215,6 +215,8 @@ static int x509_name_ex_d2i(ASN1_VALUE **val,
*in = p; *in = p;
return ret; return ret;
err: err:
if (nm.x != NULL)
X509_NAME_free(nm.x);
ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR); ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
return 0; return 0;
} }