git.ipfire.org Git - thirdparty/openssl.git/commit

]> git.ipfire.org Git - thirdparty/openssl.git/commit

projects / thirdparty / openssl.git / commit

author	Matt Caswell <matt@openssl.org>
	Mon, 30 Mar 2020 13:15:06 +0000 (14:15 +0100)
committer	Matt Caswell <matt@openssl.org>
	Wed, 1 Apr 2020 16:16:58 +0000 (17:16 +0100)
commit	fe56d5951f0b42fd3ff1cf42a96d07f06f9692bc
tree	1545df80547413421ff412b0bf1040b375550b3c	tree \| snapshot
parent	a4a93bbfb0e679eaa249f77c7c4e7e823ca870ef	commit \| diff

Don't double free a DH object

Having created a DH object and assigned it to an EVP_PKEY - we should
not free both the EVP_PKEY and the original DH. This will lead to a
double free occurring.

This issue was discovered and reported by GitHub Security Lab team member
Agustin Gianni.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11441)

ssl/statem/statem_clnt.c

diff | blob | blame | history

A mirror of the official openssl repository

RSS Atom