summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authordoug <doug@openbsd.org>2015-02-25 04:56:41 +0000
committerdoug <doug@openbsd.org>2015-02-25 04:56:41 +0000
commit07628f06e65126a93f5117f29a094c6d24cb89d4 (patch)
tree8454f4935b596176c28b46b6cb71a140400160b5
parentFix CVE-2015-0205: Do not accept client authentication with Diffie-Hellman (diff)
downloadwireguard-openbsd-07628f06e65126a93f5117f29a094c6d24cb89d4.tar.xz
wireguard-openbsd-07628f06e65126a93f5117f29a094c6d24cb89d4.zip
Avoid NULL pointer deref in hashinfo_free() when calling from error paths.
Also, nuke debugging printfs per jsing and bcook. ok bcook@, jsing@
-rw-r--r--usr.bin/openssl/certhash.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/usr.bin/openssl/certhash.c b/usr.bin/openssl/certhash.c
index 992ef31cd53..f274cda8fdd 100644
--- a/usr.bin/openssl/certhash.c
+++ b/usr.bin/openssl/certhash.c
@@ -91,6 +91,9 @@ hashinfo(const char *filename, unsigned long hash, unsigned char *fingerprint)
static void
hashinfo_free(struct hashinfo *hi)
{
+ if (hi == NULL)
+ return;
+
free(hi->filename);
free(hi->target);
free(hi);
@@ -359,10 +362,8 @@ certhash_addlink(struct hashinfo **links, struct hashinfo *hi)
if ((link = hashinfo(NULL, hi->hash, hi->fingerprint)) == NULL)
goto err;
-printf("hi->is_crl = %i\n", hi->is_crl);
if ((link->filename = hashinfo_linkname(hi)) == NULL)
goto err;
-printf("filename = %s\n", link->filename);
link->reference = hi;
link->changed = 1;