Permalink
1 comment
on commit
sign in to comment.
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Fix a failure to NULL a pointer freed on error.
Reported by the LibreSSL project as a follow on to CVE-2015-0209 Reviewed-by: Richard Levitte <levitte@openssl.org>
- Loading branch information
Showing
with
16 additions
and 3 deletions.
- +11 −1 crypto/asn1/x_x509.c
- +5 −2 crypto/ec/ec_asn1.c
This comment has been minimized.
5e5d53d
Leaving "ret" (line 170) uninitialized leaves open the possibility that a future change that causes a jump to the err label before it is set at line 179. It would be safer to initialize it when it is declared.