backout previous, data_len is not always initialized

author otto <otto@openbsd.org>

Sun, 16 Apr 2017 06:26:55 +0000 (06:26 +0000)

committer otto <otto@openbsd.org>

Sun, 16 Apr 2017 06:26:55 +0000 (06:26 +0000)
author otto <otto@openbsd.org>
Sun, 16 Apr 2017 06:26:55 +0000 (06:26 +0000)
committer otto <otto@openbsd.org>
Sun, 16 Apr 2017 06:26:55 +0000 (06:26 +0000)
diff --git a/lib/libssl/ssl_asn1.c b/lib/libssl/ssl_asn1.c

index 8e6528d..b27be00 100644 (file)
--- a/lib/libssl/ssl_asn1.c
+++ b/lib/libssl/ssl_asn1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_asn1.c,v 1.52 2017/04/14 15:20:16 jsing Exp $ */
+/* $OpenBSD: ssl_asn1.c,v 1.53 2017/04/16 06:26:55 otto Exp $ */
  
  /*
   * Copyright (c) 2016 Joel Sing <jsing@openbsd.org>
@@ -205,9 +205,12 @@ i2d_SSL_SESSION(SSL_SESSION *s, unsigned char **pp)
         rv = (int)data_len;
  
   err:
+       if (data != NULL)
+               explicit_bzero(data, data_len);
+
         CBB_cleanup(&session);
-       freezero(data, data_len);
         free(peer_cert_bytes);
+       free(data);
  
         return rv;
  }
author	otto <otto@openbsd.org>
	Sun, 16 Apr 2017 06:26:55 +0000 (06:26 +0000)
committer	otto <otto@openbsd.org>
	Sun, 16 Apr 2017 06:26:55 +0000 (06:26 +0000)