Skip to content
  1. May 20, 2019
  2. May 16, 2019
  3. May 09, 2019
  4. May 08, 2019
  5. May 07, 2019
  6. May 02, 2019
  7. Apr 30, 2019
  8. Apr 25, 2019
  9. Apr 24, 2019
  10. Apr 23, 2019
  11. Apr 19, 2019
  12. Apr 18, 2019
    • Richard Levitte's avatar
      asn1parse: avoid double free · 18111b13
      Richard Levitte authored
      
      
      |str| was used for multiple conflicting purposes.  When using
      '-strictpem', it's used to uniquely hold a reference to the loaded
      payload.  However, when using '-strparse', |str| was re-used to hold
      the position from where to start parsing.
      
      So when '-strparse' and '-strictpem' are were together, |str| ended up
      pointing into data pointed at by |at|, and was yet being freed, with
      the result that the payload it held a reference to became a memory
      leak, and there was a double free conflict when both |str| and |at|
      were being freed.
      
      The situation is resolved by always having |buf| hold the pointer to
      the file data, and always and only use |str| to hold the position to
      start parsing from.  Now, we only need to free |buf| properly and not
      |str|.
      
      Fixes #8752
      
      Reviewed-by: default avatarMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
      (Merged from https://github.com/openssl/openssl/pull/8753)
      
      (cherry picked from commit 4f29f3a29b8b416a501c7166dbbca5284b198f81)
      18111b13
  13. Apr 16, 2019
  14. Apr 15, 2019
  15. Apr 14, 2019
  16. Apr 10, 2019
  17. Apr 09, 2019