SRP_create_verifier does not check for NULL before OPENSSL_cleanse (7fb82d06) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Commit 7fb82d06 authored Aug 26, 2016 by

Matt Caswell

SRP_create_verifier does not check for NULL before OPENSSL_cleanse



OPENSSL_cleanse() does not validate its input parameter for NULL so
SRP_create_verifier() should do so instead. Otherwise a segfault will
result.

Alternative solution to GitHub PR#1006

Reviewed-by: Rich Salz <rsalz@openssl.org>

parent 06a549c4

Hide whitespace changes

Inline Side-by-side

Please register or to comment