artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1ab1003) | patch
Avoid a use-after-scope in tls13_cert_add().
authorjsing <jsing@openbsd.org>
Sun, 21 Mar 2021 16:56:42 +0000 (16:56 +0000)
committerjsing <jsing@openbsd.org>
Sun, 21 Mar 2021 16:56:42 +0000 (16:56 +0000)
commitc2daf09fddceaafbd1fd2d3f9881a284533ecaeb
tree7337db5db6df4aed87a2998ca09b7ae9caaaa55dtree | snapshot
parent1ab10031e6af82de1c7ba4de9be86417aa293c27commit | diff
Avoid a use-after-scope in tls13_cert_add().

A parent CBB retains a reference to a child CBB until CBB_flush() or
CBB_cleanup() is called. As such, the cert_exts CBB must be at function
scope.

Reported by Ilya Shipitsin.

ok tb@
lib/libssl/tls13_lib.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim