Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
compat-openssl098.6133
openssl-CVE-2015-0209.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openssl-CVE-2015-0209.patch of Package compat-openssl098.6133
commit 1b4a8df38fc9ab3c089ca5765075ee53ec5bd66a Author: Matt Caswell <matt@openssl.org> Date: Mon Feb 9 11:38:41 2015 +0000 Fix a failure to NULL a pointer freed on error. Inspired by BoringSSL commit 517073cd4b by Eric Roman <eroman@chromium.org> CVE-2015-0209 Reviewed-by: Emilia Käsper <emilia@openssl.org> Index: openssl-0.9.8j/crypto/ec/ec_asn1.c =================================================================== --- openssl-0.9.8j.orig/crypto/ec/ec_asn1.c 2015-03-16 17:55:36.146193639 +0100 +++ openssl-0.9.8j/crypto/ec/ec_asn1.c 2015-03-16 18:00:26.159412656 +0100 @@ -1126,8 +1126,6 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, con ERR_R_MALLOC_FAILURE); goto err; } - if (a) - *a = ret; } else ret = *a; @@ -1192,11 +1190,13 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, con } } + if (a) + *a = ret; ok = 1; err: if (!ok) { - if (ret) + if (ret && (a == NULL || *a != ret)) EC_KEY_free(ret); ret = NULL; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor