diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2009-09-02 13:20:32 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2009-09-02 13:20:32 +0000 |
commit | 3d9b105fe042b4986467ec12d881fa8a33ecd9ec (patch) | |
tree | 3701125aee26b755c61f01f70218103fe1639521 | |
parent | 70dc09ebe439f181e8472b2a8dcd4092591b5db4 (diff) |
PR: 2009
Submitted by: "Alexei Khlebnikov" <alexei.khlebnikov@opera.com>
Approved by: steve@openssl.org
Avoid memory leak and fix error reporting in d2i_SSL_SESSION(). NB: although
the ticket mentions buffer overruns this isn't a security issue because
the SSL_SESSION structure is generated internally and it should never be
possible to supply its contents from an untrusted application (this would
among other things destroy session cache security).
-rw-r--r-- | ssl/ssl_asn1.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c index 1804f3658b..93311eadf6 100644 --- a/ssl/ssl_asn1.c +++ b/ssl/ssl_asn1.c @@ -413,8 +413,8 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, } else { - SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNKNOWN_SSL_VERSION); - return(NULL); + c.error=SSL_R_UNKNOWN_SSL_VERSION; + goto err; } ret->cipher=NULL; @@ -505,8 +505,8 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, { if (os.length > SSL_MAX_SID_CTX_LENGTH) { - ret->sid_ctx_length=os.length; - SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_BAD_LENGTH); + c.error=SSL_R_BAD_LENGTH; + goto err; } else { |