projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a4a93bb) | patch
Don't double free a DH object
authorMatt Caswell <matt@openssl.org>
Mon, 30 Mar 2020 13:15:06 +0000 (14:15 +0100)
committerMatt Caswell <matt@openssl.org>
Wed, 1 Apr 2020 16:16:58 +0000 (17:16 +0100)
commitfe56d5951f0b42fd3ff1cf42a96d07f06f9692bc
tree1545df80547413421ff412b0bf1040b375550b3ctree | snapshot
parenta4a93bbfb0e679eaa249f77c7c4e7e823ca870efcommit | diff
Don't double free a DH object

Having created a DH object and assigned it to an EVP_PKEY - we should
not free both the EVP_PKEY and the original DH. This will lead to a
double free occurring.

This issue was discovered and reported by GitHub Security Lab team member
Agustin Gianni.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11441)
ssl/statem/statem_clnt.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.