git.ipfire.org Git - thirdparty/openssl.git/commit

]> git.ipfire.org Git - thirdparty/openssl.git/commit

projects / thirdparty / openssl.git / commit

author	Jakub Zelenka <jakub.zelenka@openssl.foundation>
	Thu, 7 May 2026 17:13:30 +0000 (19:13 +0200)
committer	Tomas Mraz <tomas@openssl.foundation>
	Mon, 18 May 2026 10:50:17 +0000 (12:50 +0200)
commit	80f97a9072e96ef7b7f708ac944bce47abbf13ff
tree	f6a0108519afaf887010c8d839553cb095f57e4a	tree \| snapshot
parent	b3bfc7bf552d534fc96db740cdb6b3191cb317d6	commit \| diff

Fix UAF if QUIC channel init fails

This happens because port does not get reset on the first freeing in
channel block so when it is being freed again in ossl_quic_new, it
tries to access item in port.

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.foundation>
MergeDate: Mon May 18 10:50:23 2026
(Merged from https://github.com/openssl/openssl/pull/31109)

ssl/quic/quic_impl.c

diff | blob | blame | history

Mirror of https://github.com/openssl/openssl.git

RSS Atom