summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBob Beck <beck@cvs.openbsd.org>2018-11-13 01:25:14 +0000
committerBob Beck <beck@cvs.openbsd.org>2018-11-13 01:25:14 +0000
commitcdcbb6bb9a27d251bad50dbf25c4e6d9c671f54d (patch)
treead806c02fd2c1a21be91bf5a5e8678e63071ed1c
parent4a5aa03154e917d78bcbbfc3e980a318bbf0ef6a (diff)
NULL out mdctx to prevent possible double free introduced in version 1.4
Spotted by maestre@, ok tb@
-rw-r--r--lib/libssl/tls13_key_schedule.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/libssl/tls13_key_schedule.c b/lib/libssl/tls13_key_schedule.c
index af273d6d27e..8a0b3e8af45 100644
--- a/lib/libssl/tls13_key_schedule.c
+++ b/lib/libssl/tls13_key_schedule.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_key_schedule.c,v 1.6 2018/11/10 01:34:02 jsing Exp $ */
+/* $OpenBSD: tls13_key_schedule.c,v 1.7 2018/11/13 01:25:13 beck Exp $ */
/* Copyright (c) 2018, Bob Beck <beck@openbsd.org>
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -151,6 +151,7 @@ tls13_secrets_create(const EVP_MD *digest, int resumption)
if (!EVP_DigestFinal_ex(mdctx, secrets->empty_hash.data, &mdlen))
goto err;
EVP_MD_CTX_free(mdctx);
+ mdctx = NULL;
if (secrets->empty_hash.len != mdlen)
goto err;