fix use of uninitialized memory
This commit is contained in:
parent
31d61b19d5
commit
4784e45765
@ -65,3 +65,17 @@ diff -up openssl-1.1.1c/crypto/err/err.c.sync openssl-1.1.1c/crypto/err/err.c
|
||||
}
|
||||
}
|
||||
if (str->string == NULL)
|
||||
diff -up openssl-1.1.1c/crypto/rand/rand_lib.c.sync openssl-1.1.1c/crypto/rand/rand_lib.c
|
||||
--- openssl-1.1.1c/crypto/rand/rand_lib.c.sync 2019-05-29 17:20:17.175099183 +0200
|
||||
+++ openssl-1.1.1c/crypto/rand/rand_lib.c 2019-05-30 11:51:20.784850208 +0200
|
||||
@@ -239,8 +239,9 @@ size_t rand_drbg_get_nonce(RAND_DRBG *dr
|
||||
struct {
|
||||
void * instance;
|
||||
int count;
|
||||
- } data = { NULL, 0 };
|
||||
+ } data;
|
||||
|
||||
+ memset(&data, 0, sizeof(data));
|
||||
pool = rand_pool_new(0, min_len, max_len);
|
||||
if (pool == NULL)
|
||||
return 0;
|
||||
|
@ -22,7 +22,7 @@
|
||||
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
||||
Name: openssl
|
||||
Version: 1.1.1c
|
||||
Release: 1%{?dist}
|
||||
Release: 2%{?dist}
|
||||
Epoch: 1
|
||||
# We have to remove certain patented algorithms from the openssl source
|
||||
# tarball with the hobble-openssl script which is included below.
|
||||
@ -454,6 +454,9 @@ export LD_LIBRARY_PATH
|
||||
%ldconfig_scriptlets libs
|
||||
|
||||
%changelog
|
||||
* Thu May 30 2019 Tomáš Mráz <tmraz@redhat.com> 1.1.1c-2
|
||||
- fix use of uninitialized memory
|
||||
|
||||
* Wed May 29 2019 Tomáš Mráz <tmraz@redhat.com> 1.1.1c-1
|
||||
- update to the 1.1.1c release
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user