diff options
-rw-r--r-- | CHANGES | 4 | ||||
-rw-r--r-- | ssl/t1_lib.c | 1 |
2 files changed, 5 insertions, 0 deletions
@@ -4,6 +4,10 @@ Changes between 0.9.8g and 0.9.8h [xx XXX xxxx] + *) Fix double free in TLS server name extensions which could lead to + a remote crash found by Codenomicon TLS test suite (CVE-2008-0891) + [Joe Orton] + *) Clear error queue in SSL_CTX_use_certificate_chain_file() Clear the error queue to ensure that error entries left from diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 93a4caa48e..35f04afa4a 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -381,6 +381,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in s->session->tlsext_hostname[len]='\0'; if (strlen(s->session->tlsext_hostname) != len) { OPENSSL_free(s->session->tlsext_hostname); + s->session->tlsext_hostname = NULL; *al = TLS1_AD_UNRECOGNIZED_NAME; return 0; } |