From 8dced518a655460f66ae24918b5415dd1259c5d2 Mon Sep 17 00:00:00 2001 From: "Simon L. B. Nielsen" Date: Sun, 14 Nov 2010 09:33:47 +0000 Subject: [PATCH] Fix double-free in OpenSSL's SSL ECDH code. It has yet to be determined if this warrants a FreeBSD Security Advisory, but we might as well get it fixed in the normal branches. Obtained from: OpenSSL CVS Security: CVE-2010-2939 X-MFC after: Not long... --- crypto/openssl/ssl/s3_clnt.c | 1 + 1 file changed, 1 insertion(+) diff --git a/crypto/openssl/ssl/s3_clnt.c b/crypto/openssl/ssl/s3_clnt.c index e5138b6e5eee..aa53506d073e 100644 --- a/crypto/openssl/ssl/s3_clnt.c +++ b/crypto/openssl/ssl/s3_clnt.c @@ -1377,6 +1377,7 @@ int ssl3_get_key_exchange(SSL *s) s->session->sess_cert->peer_ecdh_tmp=ecdh; ecdh=NULL; BN_CTX_free(bn_ctx); + bn_ctx = NULL; EC_POINT_free(srvr_ecpoint); srvr_ecpoint = NULL; }