forked from rpms/openssl
- fix use of freed memory if SSL_CTX_free() is called before SSL_free()
(#521342)
This commit is contained in:
Tomáš Mráz
parent
5c062c1ba9
commit
a650e4abcb
31
openssl-1.0.0-beta3-ssl-free.patch
Normal file
31
openssl-1.0.0-beta3-ssl-free.patch
Normal file
@ -0,0 +1,31 @@
|
||||
diff -up openssl-1.0.0-beta3/ssl/ssl_lib.c.ctx-free openssl-1.0.0-beta3/ssl/ssl_lib.c
|
||||
--- openssl-1.0.0-beta3/ssl/ssl_lib.c.ctx-free 2009-10-08 20:44:26.000000000 +0200
|
||||
+++ openssl-1.0.0-beta3/ssl/ssl_lib.c 2009-10-16 11:56:53.000000000 +0200
|
||||
@@ -556,7 +556,6 @@ void SSL_free(SSL *s)
|
||||
if (s->cert != NULL) ssl_cert_free(s->cert);
|
||||
/* Free up if allocated */
|
||||
|
||||
- if (s->ctx) SSL_CTX_free(s->ctx);
|
||||
#ifndef OPENSSL_NO_TLSEXT
|
||||
if (s->tlsext_hostname)
|
||||
OPENSSL_free(s->tlsext_hostname);
|
||||
@@ -580,6 +579,8 @@ void SSL_free(SSL *s)
|
||||
|
||||
if (s->method != NULL) s->method->ssl_free(s);
|
||||
|
||||
+ if (s->ctx) SSL_CTX_free(s->ctx);
|
||||
+
|
||||
#ifndef OPENSSL_NO_KRB5
|
||||
if (s->kssl_ctx != NULL)
|
||||
kssl_ctx_free(s->kssl_ctx);
|
||||
diff -up openssl-1.0.0-beta3/ssl/s3_lib.c.hbuf-clear openssl-1.0.0-beta3/ssl/s3_lib.c
|
||||
--- openssl-1.0.0-beta3/ssl/s3_lib.c.hbuf-clear 2009-05-28 20:10:47.000000000 +0200
|
||||
+++ openssl-1.0.0-beta3/ssl/s3_lib.c 2009-10-16 09:50:24.000000000 +0200
|
||||
@@ -2211,6 +2211,7 @@ void ssl3_clear(SSL *s)
|
||||
wlen = s->s3->wbuf.len;
|
||||
if (s->s3->handshake_buffer) {
|
||||
BIO_free(s->s3->handshake_buffer);
|
||||
+ s->s3->handshake_buffer = NULL;
|
||||
}
|
||||
if (s->s3->handshake_dgst) {
|
||||
ssl3_free_digest_list(s);
|
||||
@ -23,7 +23,7 @@
|
||||
Summary: A general purpose cryptography library with TLS implementation
|
||||
Name: openssl
|
||||
Version: 1.0.0
|
||||
Release: 0.9.%{beta}%{?dist}
|
||||
Release: 0.10.%{beta}%{?dist}
|
||||
# We remove certain patented algorithms from the openssl source tarball
|
||||
# with the hobble-openssl script which is included below.
|
||||
Source: openssl-%{version}-%{beta}-usa.tar.bz2
|
||||
@ -69,6 +69,7 @@ Patch61: openssl-1.0.0-beta3-namingblk.patch
|
||||
Patch62: openssl-1.0.0-beta3-camellia-rounds.patch
|
||||
Patch63: openssl-1.0.0-beta3-dtls1-fix.patch
|
||||
Patch64: openssl-1.0.0-beta3-ssl-session.patch
|
||||
Patch65: openssl-1.0.0-beta3-ssl-free.patch
|
||||
|
||||
License: OpenSSL
|
||||
Group: System Environment/Libraries
|
||||
@ -155,6 +156,7 @@ from other formats to the formats used by the OpenSSL toolkit.
|
||||
%patch62 -p1 -b .cmll-rounds
|
||||
%patch63 -p1 -b .dtls1-fix
|
||||
%patch64 -p1 -b .ssl-session
|
||||
%patch65 -p1 -b .ssl-free
|
||||
|
||||
# Modify the various perl scripts to reference perl in the right location.
|
||||
perl util/perlpath.pl `dirname %{__perl}`
|
||||
@ -403,6 +405,10 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
|
||||
%postun -p /sbin/ldconfig
|
||||
|
||||
%changelog
|
||||
* Fri Oct 16 2009 Tomas Mraz <tmraz@redhat.com> 1.0.0-0.10.beta3
|
||||
- fix use of freed memory if SSL_CTX_free() is called before
|
||||
SSL_free() (#521342)
|
||||
|
||||
* Thu Oct 8 2009 Tomas Mraz <tmraz@redhat.com> 1.0.0-0.9.beta3
|
||||
- fix typo in DTLS1 code (#527015)
|
||||
- fix leak in error handling of d2i_SSL_SESSION()
|
||||
|
||||
Loading…
Reference in New Issue
Block a user