PR: 2314

Submitted by: Mounir IDRASSI <mounir.idrassi@idrix.net> Reviewed by: steve Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
author: Dr. Stephen Henson <steve@openssl.org> 2010-10-10 12:15:47 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2010-10-10 12:15:47 +0000
commit: 5759425810685fc02a49d7bb3eb44eeba389b8e2 (patch)
tree: 348a42ec60f4686554c2e87d8d050799426f7ff3 /ssl
parent: 983768997e28c908fbcb7b827f9f4e4721e74a65 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index ac21f19254..0c1df8ca47 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1526,6 +1526,7 @@ int ssl3_get_key_exchange(SSL *s)
 		s->session->sess_cert->peer_ecdh_tmp=ecdh;
 		ecdh=NULL;
 		BN_CTX_free(bn_ctx);
+		bn_ctx = NULL;
 		EC_POINT_free(srvr_ecpoint);
 		srvr_ecpoint = NULL;
 		}
author	Dr. Stephen Henson <steve@openssl.org>	2010-10-10 12:15:47 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2010-10-10 12:15:47 +0000
commit	5759425810685fc02a49d7bb3eb44eeba389b8e2 (patch)
tree	348a42ec60f4686554c2e87d8d050799426f7ff3 /ssl
parent	983768997e28c908fbcb7b827f9f4e4721e74a65 (diff)