Fix DH error-handling in tls_process_key_exchange.
The set0 setters take ownership of their arguments, so the values should be set to NULL to avoid a double-free in the cleanup block should ssl_security(SSL_SECOP_TMP_DH) fail. Found by BoringSSL's WeakDH test. Reviewed-by: NKurt Roeckx <kurt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1299)
Showing
想要评论请 注册 或 登录