d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix double-free in OpenSSL's SSL ECDH code.

Browse Source 
It has yet to be determined if this warrants a FreeBSD Security
Advisory, but we might as well get it fixed in the normal branches.

Obtained from:	OpenSSL CVS
Security:	CVE-2010-2939
X-MFC after:	Not long...
This commit is contained in:
Simon L. B. Nielsen 2010-11-14 09:33:47 +00:00
parent 943fa42c1e
commit 8dced518a6
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=215288
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
crypto/openssl/ssl/s3_clnt.c
View File

@ -1377,6 +1377,7 @@ int ssl3_get_key_exchange(SSL *s)
s->session->sess_cert->peer_ecdh_tmp=ecdh;
ecdh=NULL;
BN_CTX_free(bn_ctx);
bn_ctx = NULL;
EC_POINT_free(srvr_ecpoint);
srvr_ecpoint = NULL;
}