Skip to content
Commit 7a433893 authored by David Benjamin's avatar David Benjamin Committed by Dr. Stephen Henson
Browse files

Fix memory leak on invalid CertificateRequest.



Free up parsed X509_NAME structure if the CertificateRequest message
contains excess data.

The security impact is considered insignificant. This is a client side
only leak and a large number of connections to malicious servers would
be needed to have a significant impact.

This was found by libFuzzer.

Reviewed-by: default avatarEmilia Käsper <emilia@openssl.org>
Reviewed-by: default avatarStephen Henson <steve@openssl.org>
(cherry picked from commit ec66c8c9)
parent f4bed7c7
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment