diff options
| author | Matt Caswell <matt@openssl.org> | 2015-11-10 23:12:36 +0000 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2015-11-17 11:17:37 +0000 |
| commit | d73ca3efa74bbb620a1e74deb5eec6f3d10203d5 (patch) | |
| tree | 7a102c1f0b8feb798077ba2c237ed355cd9b2123 | |
| parent | e4693b4e2a0c3f6241d4d3e61460c34c7e0013f6 (diff) | |
Remove an NULL ptr deref in an error path
The |passwd| variable in the code can be NULL if it goes to the err label.
Therefore we cannot call strlen on it without first checking that it is non
NULL.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
| -rw-r--r-- | ssl/tls_srp.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/ssl/tls_srp.c b/ssl/tls_srp.c index 91b88cd11f..64a3f23df7 100644 --- a/ssl/tls_srp.c +++ b/ssl/tls_srp.c @@ -393,7 +393,8 @@ int srp_generate_client_master_secret(SSL *s) err: BN_clear_free(K); BN_clear_free(x); - OPENSSL_clear_free(passwd, strlen(passwd)); + if (passwd != NULL) + OPENSSL_clear_free(passwd, strlen(passwd)); BN_clear_free(u); return ret; } |