From HEAD:
Fix double-free in TLS server name extensions which could lead to a remote crash found by Codenomicon TLS test suite (CVE-2008-0891) Reviewed by: openssl-security@openssl.org Obtained from: jorton@redhat.com
This commit is contained in:
Bodo Möller
parent
c6f6c380c7
commit
40a706286f
2 changed files with 5 additions and 0 deletions
4
CHANGES
4
CHANGES
|
|
@ -690,6 +690,10 @@
|
|||
|
||||
Changes between 0.9.8g and 0.9.8h [xx XXX xxxx]
|
||||
|
||||
*) Fix double free in TLS server name extensions which could lead to
|
||||
a remote crash found by Codenomicon TLS test suite (CVE-2008-0891)
|
||||
[Joe Orton]
|
||||
|
||||
*) Clear error queue in SSL_CTX_use_certificate_chain_file()
|
||||
|
||||
Clear the error queue to ensure that error entries left from
|
||||
|
|
|
|||
|
|
@ -637,6 +637,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
|
|||
s->session->tlsext_hostname[len]='\0';
|
||||
if (strlen(s->session->tlsext_hostname) != len) {
|
||||
OPENSSL_free(s->session->tlsext_hostname);
|
||||
s->session->tlsext_hostname = NULL;
|
||||
*al = TLS1_AD_UNRECOGNIZED_NAME;
|
||||
return 0;
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue