openssl - Mirror of https://github.com/openssl/openssl

diff options

author	David Benjamin <davidben@google.com>	2016-03-14 15:03:07 -0400
committer	Dr. Stephen Henson <steve@openssl.org>	2016-04-07 19:22:20 +0100
commit	6afef8b1fb679df7d6a8606d713192c9907b1890 (patch)
tree	e2113ce4f8371a8491c69ecce082509a4b71388a /ssl/ssl_lib.c
parent	d1094383df07cc8ae266c04cf3ace782447b4d5b (diff)

Fix memory leak on invalid CertificateRequest.

Free up parsed X509_NAME structure if the CertificateRequest message contains excess data. The security impact is considered insignificant. This is a client side only leak and a large number of connections to malicious servers would be needed to have a significant impact. This was found by libFuzzer. Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Stephen Henson <steve@openssl.org>

Diffstat (limited to 'ssl/ssl_lib.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: