From: Ben Laurie Date: Tue, 22 Apr 2014 11:38:26 +0000 (+0100) Subject: Fix double frees. X-Git-Tag: master-post-reformat~862 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=4ba5e63bfd5c290ebde962af87588d503f3796b0;p=oweals%2Fopenssl.git Fix double frees. --- diff --git a/CHANGES b/CHANGES index 87333bfcc9..bb03d196d0 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,9 @@ Changes between 1.0.2 and 1.1.0 [xx XXX xxxx] + *) Fix some double frees. These are not thought to be exploitable. + [mancha ] + *) A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64k of memory to a connected client or server. diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index 82e145b856..a0559b124e 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -928,6 +928,7 @@ int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si) if (EVP_DigestSignUpdate(&mctx,abuf,alen) <= 0) goto err; OPENSSL_free(abuf); + abuf = NULL; if (EVP_DigestSignFinal(&mctx, NULL, &siglen) <= 0) goto err; abuf = OPENSSL_malloc(siglen); diff --git a/crypto/ts/ts_rsp_verify.c b/crypto/ts/ts_rsp_verify.c index afe16afbe4..3c7f816d12 100644 --- a/crypto/ts/ts_rsp_verify.c +++ b/crypto/ts/ts_rsp_verify.c @@ -629,6 +629,7 @@ static int TS_compute_imprint(BIO *data, TS_TST_INFO *tst_info, X509_ALGOR_free(*md_alg); OPENSSL_free(*imprint); *imprint_len = 0; + *imprint = 0; return 0; }