wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/ssl
History
David Benjamin e99ab8ffd7 Fix DH error-handling in tls_process_key_exchange. 
The set0 setters take ownership of their arguments, so the values should
be set to NULL to avoid a double-free in the cleanup block should
ssl_security(SSL_SECOP_TMP_DH) fail. Found by BoringSSL's WeakDH test.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1299)
2016-07-12 15:39:42 -04:00
..
record Whitespace cleanup in ssl folder 2016-06-29 09:56:39 -04:00
statem Fix DH error-handling in tls_process_key_exchange. 2016-07-12 15:39:42 -04:00
bio_ssl.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
build.info Update build.info files for auto-init/de-init 2016-02-09 15:11:38 +00:00
d1_lib.c Whitespace cleanup in ssl folder 2016-06-29 09:56:39 -04:00
d1_msg.c Whitespace cleanup in ssl folder 2016-06-29 09:56:39 -04:00
d1_srtp.c Add checks on sk_TYPE_push() returned result 2016-06-23 14:03:29 +01:00
methods.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
packet_locl.h Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
pqueue.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
s3_cbc.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
s3_enc.c Add some missing return value checks 2016-06-13 17:38:39 +01:00
s3_lib.c Add checks on sk_TYPE_push() returned result 2016-06-23 14:03:29 +01:00
s3_msg.c Always use session_ctx when removing a session 2016-06-08 15:22:41 +01:00
ssl_asn1.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ssl_cert.c Fix broken loading of client CAs 2016-07-02 15:30:13 -04:00
ssl_ciph.c Add checks on sk_TYPE_push() returned result 2016-06-23 14:03:29 +01:00
ssl_conf.c Spelling... and more spelling 2016-06-22 00:26:10 +02:00
ssl_err.c GH1278: Removed error code for alerts 2016-07-08 13:28:33 -04:00
ssl_init.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ssl_lib.c Perform DANE-EE(3) name checks by default 2016-07-12 10:16:34 -04:00
ssl_locl.h Handle a memory allocation failure in ssl3_init_finished_mac() 2016-06-03 20:29:04 +01:00
ssl_mcnf.c Whitespace cleanup in ssl folder 2016-06-29 09:56:39 -04:00
ssl_rsa.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ssl_sess.c Initialize the session_id 2016-06-14 19:30:36 +02:00
ssl_stat.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ssl_txt.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ssl_utst.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
t1_enc.c Spelling... and more spelling 2016-06-22 00:26:10 +02:00
t1_ext.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
t1_lib.c Spelling 2016-06-29 09:56:39 -04:00
t1_reneg.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
t1_trce.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
tls_srp.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00