openssl
/
openssl
mirror of https://github.com/openssl/openssl
1
0
Fork 0
Code Issues Releases Wiki Activity
openssl/ssl
History
Bernd Edlinger 54e178640d Fix a possible use-after-free in custom_exts_free 
This may happen when ssl_cert_dup calls custom_exts_copy, where
a possible memory allocation error causes custom_exts_free
to be called twice: once in the error handling of custom_exts_copy
and a second time in the error handling of ssl_cert_dup.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22772)

(cherry picked from commit bc0773bbbd)
 		2023-11-22 09:36:28 +01:00
..
quic Correct tag len check when determining how much space we have in the pkt 2023-11-15 11:07:16 +01:00
record Make sure we remember how much data we sent in the event of a retry 2023-10-24 17:37:19 +01:00
statem Fix a possible use-after-free in custom_exts_free 2023-11-22 09:36:28 +01:00
bio_ssl.c Copyright year updates 2023-09-07 09:59:15 +01:00
build.info Revise build.info 2023-03-30 11:14:17 +01:00
d1_lib.c Move freeing of an old record layer to dtls1_clear_sent_buffer 2023-11-21 13:12:15 +01:00
d1_msg.c Copyright year updates 2023-09-07 09:59:15 +01:00
d1_srtp.c Copyright year updates 2023-09-07 09:59:15 +01:00
event_queue.c Remove a spurious inclusion of the sparse array header file 2023-09-25 07:45:32 +10:00
methods.c
pqueue.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
priority_queue.c Fix bug in priority queue remove function 2023-11-08 11:09:35 +00:00
s3_enc.c Copyright year updates 2023-09-07 09:59:15 +01:00
s3_lib.c Fix a possible memory leak of ssl->s3.tmp.psk 2023-11-09 17:35:54 +01:00
s3_msg.c Resolve a TODO in ssl3_dispatch_alert 2022-11-14 10:14:41 +01:00
ssl_asn1.c RFC7250 (RPK) support 2023-03-28 13:49:54 -04:00
ssl_cert.c tls: update to structure based atomics 2023-07-01 21:18:25 +10:00
ssl_cert_comp.c Copyright year updates 2023-09-07 09:59:15 +01:00
ssl_cert_table.h Copyright year updates 2023-09-07 09:59:15 +01:00
ssl_ciph.c Fix a possible memory leak in load_builtin_compressions 2023-11-02 08:17:54 +00:00
ssl_conf.c "foo * bar" should be "foo *bar" 2023-09-11 10:15:30 +02:00
ssl_err.c QUIC APL: Implement backpressure on stream creation 2023-08-25 15:10:43 +02:00
ssl_err_legacy.c
ssl_init.c Copyright year updates 2023-09-28 14:23:29 +01:00
ssl_lib.c Fix a possible memory leak in dane_tlsa_add 2023-11-22 09:20:35 +01:00
ssl_local.h Fix the SSL_CIPHER_find() function when used with a QCSO 2023-09-12 15:29:00 +02:00
ssl_mcnf.c
ssl_rsa.c Copyright year updates 2023-09-07 09:59:15 +01:00
ssl_rsa_legacy.c
ssl_sess.c fix memory allocation and reference counting issues 2023-07-05 08:34:00 +10:00
ssl_stat.c Add support for compressed certificates (RFC8879) 2022-10-18 09:30:22 -04:00
ssl_txt.c Cast values to match printf format strings. 2022-11-14 07:47:53 +00:00
ssl_utst.c Remove the old buffer management code 2022-10-20 14:39:33 +01:00
sslerr.h Provide better errors for some QUIC failures 2023-03-20 09:35:38 +11:00
t1_enc.c Copyright year updates 2023-09-07 09:59:15 +01:00
t1_lib.c Minor fixes 2023-07-05 09:03:04 +10:00
t1_trce.c Fix an SSL_trace bug 2023-05-24 12:18:33 +01:00
tls13_enc.c Copyright year updates 2023-09-07 09:59:15 +01:00
tls_depr.c
tls_srp.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00