]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d873280)
sm2_dupctx: Avoid potential use after free of the md
authorTomas Mraz <tomas@openssl.org>
Wed, 8 Jun 2022 15:48:39 +0000 (17:48 +0200)
committerTomas Mraz <tomas@openssl.org>
Fri, 10 Jun 2022 12:06:57 +0000 (14:06 +0200)
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18494)

providers/implementations/asymciphers/sm2_enc.c patch | blob | blame | history

diff --git a/providers/implementations/asymciphers/sm2_enc.c b/providers/implementations/asymciphers/sm2_enc.c
index 9577d16e8384153c5cbf934c6c6401185f505562..ddb2cfc14a12a32a67ad26e56b0131df37c2267f 100644 (file)
--- a/providers/implementations/asymciphers/sm2_enc.c
+++ b/providers/implementations/asymciphers/sm2_enc.c
@@ -138,6 +138,8 @@ static void *sm2_dupctx(void *vpsm2ctx)
         return NULL;
 
     *dstctx = *srcctx;
+    memset(&dstctx->md, 0, sizeof(dstctx->md));
+
     if (dstctx->key != NULL && !EC_KEY_up_ref(dstctx->key)) {
         OPENSSL_free(dstctx);
         return NULL;
Mirror of https://github.com/openssl/openssl.git