Skip to content
  1. Apr 25, 2019
  2. Apr 24, 2019
  3. Apr 23, 2019
  4. Apr 20, 2019
  5. Apr 19, 2019
  6. Apr 18, 2019
    • Richard Levitte's avatar
      asn1parse: avoid double free · 4f29f3a2
      Richard Levitte authored
      
      
      |str| was used for multiple conflicting purposes.  When using
      '-strictpem', it's used to uniquely hold a reference to the loaded
      payload.  However, when using '-strparse', |str| was re-used to hold
      the position from where to start parsing.
      
      So when '-strparse' and '-strictpem' are were together, |str| ended up
      pointing into data pointed at by |at|, and was yet being freed, with
      the result that the payload it held a reference to became a memory
      leak, and there was a double free conflict when both |str| and |at|
      were being freed.
      
      The situation is resolved by always having |buf| hold the pointer to
      the file data, and always and only use |str| to hold the position to
      start parsing from.  Now, we only need to free |buf| properly and not
      |str|.
      
      Fixes #8752
      
      Reviewed-by: default avatarMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
      (Merged from https://github.com/openssl/openssl/pull/8753)
      4f29f3a2