Skip to content
Commit e99ab8ff authored by David Benjamin's avatar David Benjamin Committed by Rich Salz
Browse files

Fix DH error-handling in tls_process_key_exchange.



The set0 setters take ownership of their arguments, so the values should
be set to NULL to avoid a double-free in the cleanup block should
ssl_security(SSL_SECOP_TMP_DH) fail. Found by BoringSSL's WeakDH test.

Reviewed-by: default avatarKurt Roeckx <kurt@openssl.org>
Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1299)
parent 3307000d
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment