summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--CHANGES4
-rw-r--r--ssl/t1_lib.c1
2 files changed, 5 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 9c4559fa5a..9d4d7ee16c 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,10 @@
Changes between 0.9.8g and 0.9.8h [xx XXX xxxx]
+ *) Fix double free in TLS server name extensions which could lead to
+ a remote crash found by Codenomicon TLS test suite (CVE-2008-0891)
+ [Joe Orton]
+
*) Clear error queue in SSL_CTX_use_certificate_chain_file()
Clear the error queue to ensure that error entries left from
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 93a4caa48e..35f04afa4a 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -381,6 +381,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
s->session->tlsext_hostname[len]='\0';
if (strlen(s->session->tlsext_hostname) != len) {
OPENSSL_free(s->session->tlsext_hostname);
+ s->session->tlsext_hostname = NULL;
*al = TLS1_AD_UNRECOGNIZED_NAME;
return 0;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-11 19:35:20 +0000