mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-23 10:03:32 +08:00
Code Issues Packages Projects Releases Wiki Activity
master
openssl/crypto/srp
History
Niels Dossche 792b2c8da2 Fix potential double free through SRP_user_pwd_set1_ids() 
If SRP_user_pwd_set1_ids() fails during one of the duplications, or id
is NULL, then the old pointer values are still stored but they are now dangling.
Later when SRP_user_pwd_free() is called these are freed again,
leading to a double free.

Although there are no such uses in OpenSSL as far as I found,
it's still a public API.

CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25655)
2024-10-11 14:22:36 +02:00
..
build.info unified build scheme: add build.info files 2016-02-01 12:46:58 +01:00
srp_lib.c Add ossl_bn_group symbols 2021-03-18 17:52:37 +10:00
srp_vfy.c Fix potential double free through SRP_user_pwd_set1_ids() 2024-10-11 14:22:36 +02:00