Skip to content
  1. Apr 30, 2019
  2. Apr 25, 2019
  3. Apr 24, 2019
  4. Apr 23, 2019
  5. Apr 19, 2019
  6. Apr 18, 2019
    • Richard Levitte's avatar
      asn1parse: avoid double free · 18111b13
      Richard Levitte authored
      
      
      |str| was used for multiple conflicting purposes.  When using
      '-strictpem', it's used to uniquely hold a reference to the loaded
      payload.  However, when using '-strparse', |str| was re-used to hold
      the position from where to start parsing.
      
      So when '-strparse' and '-strictpem' are were together, |str| ended up
      pointing into data pointed at by |at|, and was yet being freed, with
      the result that the payload it held a reference to became a memory
      leak, and there was a double free conflict when both |str| and |at|
      were being freed.
      
      The situation is resolved by always having |buf| hold the pointer to
      the file data, and always and only use |str| to hold the position to
      start parsing from.  Now, we only need to free |buf| properly and not
      |str|.
      
      Fixes #8752
      
      Reviewed-by: default avatarMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
      (Merged from https://github.com/openssl/openssl/pull/8753)
      
      (cherry picked from commit 4f29f3a2)
      18111b13
  7. Apr 16, 2019
  8. Apr 15, 2019
  9. Apr 14, 2019
  10. Apr 10, 2019
  11. Apr 09, 2019
  12. Apr 08, 2019
  13. Apr 06, 2019
  14. Apr 05, 2019
  15. Apr 04, 2019
  16. Apr 03, 2019
  17. Apr 02, 2019
  18. Mar 31, 2019