PR: 2314

Submitted by: Mounir IDRASSI <mounir.idrassi@idrix.net> Reviewed by: steve Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
author: Dr. Stephen Henson <steve@openssl.org> 2010-10-10 12:21:23 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2010-10-10 12:21:23 +0000
commit: a073129293fd1cc0dbb1325d36fa85eb3190feb0 (patch)
tree: b48f6c66304f831c7aab8392750b5274777c9012 /ssl
parent: 93fc0e0e40a1c0dedd5cbacf8b11caef7079b953 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index b0d49d8cd3..f0995b96ac 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1376,6 +1376,7 @@ int ssl3_get_key_exchange(SSL *s)
 		s->session->sess_cert->peer_ecdh_tmp=ecdh;
 		ecdh=NULL;
 		BN_CTX_free(bn_ctx);
+		bn_ctx = NULL;
 		EC_POINT_free(srvr_ecpoint);
 		srvr_ecpoint = NULL;
 		}
author	Dr. Stephen Henson <steve@openssl.org>	2010-10-10 12:21:23 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2010-10-10 12:21:23 +0000
commit	a073129293fd1cc0dbb1325d36fa85eb3190feb0 (patch)
tree	b48f6c66304f831c7aab8392750b5274777c9012 /ssl
parent	93fc0e0e40a1c0dedd5cbacf8b11caef7079b953 (diff)