Commit 57594258 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

PR: 2314 

Submitted by: Mounir IDRASSI <mounir.idrassi@idrix.net>
Reviewed by: steve

Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
parent 98376899

CHANGES

+3 −0
Original line number Diff line number Diff line
@@ -173,6 +173,9 @@ 


 Changes between 0.9.8n and 1.0.0  [29 Mar 2010]



  *) Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939

     [Steve Henson]



  *) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher

     context. The operation can be customised via the ctrl mechanism in

     case ENGINEs want to include additional functionality.

ssl/s3_clnt.c

+1 −0
Original line number Diff line number Diff line
@@ -1526,6 +1526,7 @@ int ssl3_get_key_exchange(SSL *s) 
		s->session->sess_cert->peer_ecdh_tmp=ecdh;

		ecdh=NULL;

		BN_CTX_free(bn_ctx);

		bn_ctx = NULL;

		EC_POINT_free(srvr_ecpoint);

		srvr_ecpoint = NULL;

		}