From: Dr. Stephen Henson Date: Thu, 2 Apr 2015 12:45:14 +0000 (+0100) Subject: Don't set *pval to NULL in ASN1_item_ex_new. X-Git-Tag: OpenSSL_1_0_0s~36 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=dafa9534de489bbb0c496eae628cacadcdd01821;p=oweals%2Fopenssl.git Don't set *pval to NULL in ASN1_item_ex_new. While *pval is usually a pointer in rare circumstances it can be a long value. One some platforms (e.g. WIN64) where sizeof(long) < sizeof(ASN1_VALUE *) this will write past the field. *pval is initialised correctly in the rest of ASN1_item_ex_new so setting it to NULL is unecessary anyway. Thanks to Julien Kauffmann for reporting this issue. Reviewed-by: Richard Levitte (cherry picked from commit f617b4969a9261b9d7d381670aefbe2cf766a2cb) Conflicts: crypto/asn1/tasn_new.c --- diff --git a/crypto/asn1/tasn_new.c b/crypto/asn1/tasn_new.c index d25c68c545..9f3a411aaf 100644 --- a/crypto/asn1/tasn_new.c +++ b/crypto/asn1/tasn_new.c @@ -100,9 +100,6 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, else asn1_cb = 0; - if (!combine) - *pval = NULL; - #ifdef CRYPTO_MDEBUG if (it->sname) CRYPTO_push_info(it->sname);