Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-12 11:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Fix recently introduced double free in OpenSSL code.

Browse source
This commit is contained in:
Johanna Amann 2017-12-07 14:47:56 -08:00
parent 6a93abea32
commit 03f98c7022
1 changed files with 6 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/file_analysis/analyzer/x509/X509.cc
View file

@ -153,7 +153,13 @@ RecordVal* file_analysis::X509::ParseCertificate(X509Val* cert_val, const char*
// key later. Otherwise it will just fail to parse the certificate key.
if ( OBJ_obj2nid(algorithm) == NID_md5WithRSAEncryption )
{
ASN1_OBJECT *copy = OBJ_dup(algorithm); // the next line will destroy the original algorithm.
X509_PUBKEY_set0_param(X509_get_X509_PUBKEY(ssl_cert), OBJ_nid2obj(NID_rsaEncryption), 0, NULL, NULL, 0);
algorithm = copy;
// we do not have to worry about freeing algorithm in that case - since it will be re-assigned using
// set0_param and the cert will take ownership.
}
else
algorithm = 0;