artulab
projects
/
openbsd
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
58afdee
)
Fix leak in cms_RecipientInfo_kekri_decrypt()
author
tb
<tb@openbsd.org>
Wed, 8 Sep 2021 14:33:02 +0000
(14:33 +0000)
committer
tb
<tb@openbsd.org>
Wed, 8 Sep 2021 14:33:02 +0000
(14:33 +0000)
Free ec->key before reassigning it.
From OpenSSL 1.1.1,
58e1e397
ok inoguchi
lib/libcrypto/cms/cms_env.c
patch
|
blob
|
history
diff --git
a/lib/libcrypto/cms/cms_env.c
b/lib/libcrypto/cms/cms_env.c
index
74d957e
..
a88ea63
100644
(file)
--- a/
lib/libcrypto/cms/cms_env.c
+++ b/
lib/libcrypto/cms/cms_env.c
@@
-1,4
+1,4
@@
-/* $OpenBSD: cms_env.c,v 1.2
3 2019/10/04 18:03:56
tb Exp $ */
+/* $OpenBSD: cms_env.c,v 1.2
4 2021/09/08 14:33:02
tb Exp $ */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
@@
-792,6
+792,7
@@
cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
goto err;
}
+ freezero(ec->key, ec->keylen);
ec->key = ukey;
ec->keylen = ukeylen;
projects / openbsd / commitdiff