diff options
| author |   tedu <tedu@openbsd.org> | 2014-04-23 21:01:15 +0000 |
|---|---|---|
| committer | tedu <tedu@openbsd.org> | 2014-04-23 21:01:15 +0000 |
| commit | 62a544929dda5e05cd9ea08f47d026b4ed3dc91e (patch) | |
| tree | 59b8820dac2432eb1489f325c864ce1c1da05cb8 /lib/libssl/src | |
| parent | The usual idiom to cope with systems not defining socklen_t is to add a (diff) | |
| download | wireguard-openbsd-62a544929dda5e05cd9ea08f47d026b4ed3dc91e.tar.xz wireguard-openbsd-62a544929dda5e05cd9ea08f47d026b4ed3dc91e.zip | |
null pointers after free to prevent double frees and worse. also fix a
very obvious use after free. this file may still be a total loss.
Diffstat (limited to 'lib/libssl/src')
| -rw-r--r-- | lib/libssl/src/ssl/kssl.c | 18 |
1 files changed, 6 insertions, 12 deletions
diff --git a/lib/libssl/src/ssl/kssl.c b/lib/libssl/src/ssl/kssl.c index b4ddab75972..9e71eed9fac 100644 --- a/lib/libssl/src/ssl/kssl.c +++ b/lib/libssl/src/ssl/kssl.c @@ -898,8 +898,8 @@ kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which, krb5_data *realm, return KSSL_CTX_ERR; break; } - if (*princ) - free(*princ); + free(*princ); + *princ = NULL; /* Add up all the entity->lengths */ length = 0; @@ -960,18 +960,11 @@ kssl_ctx_setstring(KSSL_CTX *kssl_ctx, int which, char *text) return KSSL_CTX_ERR; break; } - if (*string) - free(*string); + free(*string); + *string = NULL; - if (!text) { - *string = '\0'; - return KSSL_CTX_OK; - } - - if ((*string = calloc(1, strlen(text) + 1)) == NULL) + if ((*string = strdup(text ? text : "")) == NULL) return KSSL_CTX_ERR; - else - memcpy(*string, text, strlen(text) + 1); return KSSL_CTX_OK; } @@ -993,6 +986,7 @@ kssl_ctx_setkey(KSSL_CTX *kssl_ctx, krb5_keyblock *session) if (kssl_ctx->key) { OPENSSL_cleanse(kssl_ctx->key, kssl_ctx->length); free(kssl_ctx->key); + kssl_ctx->key = NULL; } if (session) { |