mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-28 04:25:31 +08:00
Code Issues Packages Projects Releases Wiki Activity
27344bb82a
openssl/crypto/srp
History
Pauli b06450bcf7 srp: fix double free, 
In function SRP_create_verifier_ex, it calls SRP_create_verifier_BN_ex(..., &v, ..) at line 653.
In the implementation of SRP_create_verifier_BN_ex(), *verify (which is the paremeter of v) is allocated a pointer via BN_new() at line 738.
And *verify is freed via BN_clear_free() at line 743, and return 0.
Then the execution continues up to goto err at line 655, and the freed v is freed again at line 687.

Bug reported by @Yunlongs

Fixes #14913

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14921)
2021-04-21 09:17:22 +10:00
..
build.info unified build scheme: add build.info files 2016-02-01 12:46:58 +01:00
srp_lib.c Add ossl_bn_group symbols 2021-03-18 17:52:37 +10:00
srp_vfy.c srp: fix double free, 2021-04-21 09:17:22 +10:00