From 3d9b105fe042b4986467ec12d881fa8a33ecd9ec Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Wed, 2 Sep 2009 13:20:32 +0000 Subject: PR: 2009 Submitted by: "Alexei Khlebnikov" Approved by: steve@openssl.org Avoid memory leak and fix error reporting in d2i_SSL_SESSION(). NB: although the ticket mentions buffer overruns this isn't a security issue because the SSL_SESSION structure is generated internally and it should never be possible to supply its contents from an untrusted application (this would among other things destroy session cache security). --- ssl/ssl_asn1.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'ssl/ssl_asn1.c') diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c index 1804f3658b..93311eadf6 100644 --- a/ssl/ssl_asn1.c +++ b/ssl/ssl_asn1.c @@ -413,8 +413,8 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, } else { - SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNKNOWN_SSL_VERSION); - return(NULL); + c.error=SSL_R_UNKNOWN_SSL_VERSION; + goto err; } ret->cipher=NULL; @@ -505,8 +505,8 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, { if (os.length > SSL_MAX_SID_CTX_LENGTH) { - ret->sid_ctx_length=os.length; - SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_BAD_LENGTH); + c.error=SSL_R_BAD_LENGTH; + goto err; } else { -- cgit v1.2.3