Only call free in CBB_init(). - wireguard-openbsd - WireGuard implementation for the OpenBSD kernel

diff options

author	doug <doug@openbsd.org>	2015-02-07 04:37:35 +0000
committer	doug <doug@openbsd.org>	2015-02-07 04:37:35 +0000
commit	41724196798bd9b55cc71189b0efbc26cd15b004 (patch)
tree	fa9db4f03e945144847576859ea649fc36ab8083 /lib/libssl/ssl_lib.c
parent	Attempt to implement the OpenSSL error dance so that TLS read/write (diff)
download	wireguard-openbsd-41724196798bd9b55cc71189b0efbc26cd15b004.tar.xz wireguard-openbsd-41724196798bd9b55cc71189b0efbc26cd15b004.zip

Only call free in CBB_init().

CBB_init_fixed() should not call free because it can lead to use after free or double free bugs. The caller should be responsible for creating and destroying the buffer. From BoringSSL commit a84f06fc1eee6ea25ce040675fbad72c532afece miod agrees with the reasoning ok jsing@, beck@

Diffstat (limited to 'lib/libssl/ssl_lib.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: