Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:42.1
openssl
openssl-CVE-2015-0209.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openssl-CVE-2015-0209.patch of Package openssl
commit 89117535f1bb3ea72a17933b703271587d7aaf0b Author: Matt Caswell <matt@openssl.org> Date: Mon Feb 9 11:38:41 2015 +0000 Fix a failure to NULL a pointer freed on error. Inspired by BoringSSL commit 517073cd4b by Eric Roman <eroman@chromium.org> CVE-2015-0209 Reviewed-by: Emilia Käsper <emilia@openssl.org> Index: openssl-1.0.1i/crypto/ec/ec_asn1.c =================================================================== --- openssl-1.0.1i.orig/crypto/ec/ec_asn1.c 2015-03-17 13:10:10.956899710 +0100 +++ openssl-1.0.1i/crypto/ec/ec_asn1.c 2015-03-17 13:14:06.422351709 +0100 @@ -1142,8 +1142,6 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, con ERR_R_MALLOC_FAILURE); goto err; } - if (a) - *a = ret; } else ret = *a; @@ -1208,11 +1206,13 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, con } } + if (a) + *a = ret; ok = 1; err: if (!ok) { - if (ret) + if (ret && (a == NULL || *a != ret)) EC_KEY_free(ret); ret = NULL; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor