Home Explore Help
Sign In
OWEALs
/
openssl
mirror of git://git.openssl.org/openssl.git
2
0
Fork 0
Files Issues 1 Wiki
Browse Source

Fix a possible use-after-free in custom_exts_free

This may happen when ssl_cert_dup calls custom_exts_copy, where
a possible memory allocation error causes custom_exts_free
to be called twice: once in the error handling of custom_exts_copy
and a second time in the error handling of ssl_cert_dup.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22772)
Bernd Edlinger 6 months ago
parent
3e3aadd51c
commit
bc0773bbbd
1 changed files with 2 additions and 0 deletions
Split View Show Diff Stats
  1. 2 0
      ssl/statem/extensions_cust.c

+ 2 - 0
ssl/statem/extensions_cust.c
View File 

@@ -342,6 +342,8 @@ void custom_exts_free(custom_ext_methods *exts)
 
         OPENSSL_free(meth->parse_arg);
 
     }
 
     OPENSSL_free(exts->meths);
 
+    exts->meths = NULL;
 
+    exts->meths_count = 0;
 
 }
 
 
 /* Return true if a client custom extension exists, false otherwise */