projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f18e102) | patch
PR: 2009
authorDr. Stephen Henson <steve@openssl.org>
Wed, 2 Sep 2009 13:20:22 +0000 (13:20 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Wed, 2 Sep 2009 13:20:22 +0000 (13:20 +0000)
commit54ed003ace95df93c51f49fc0d6d446d957da97e
tree94c41d75640a91d6d60419448d2c27d81752d084tree | snapshot
parentf18e10253d1a700a6cf9c713d6719be4b2751088commit | diff
PR: 2009
Submitted by: "Alexei Khlebnikov" <alexei.khlebnikov@opera.com>
Approved by: steve@openssl.org

Avoid memory leak and fix error reporting in d2i_SSL_SESSION(). NB: although
the ticket mentions buffer overruns this isn't a security issue because
the SSL_SESSION structure is generated internally and it should never be
possible to supply its contents from an untrusted application (this would
among other things destroy session cache security).
ssl/ssl_asn1.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.