Remove an NULL ptr deref in an error path

The |passwd| variable in the code can be NULL if it goes to the err label. Therefore we cannot call strlen on it without first checking that it is non NULL. Reviewed-by: N Kurt Roeckx <kurt@openssl.org>

Remove an NULL ptr deref in an error path
The |passwd| variable in the code can be NULL if it goes to the err label. Therefore we cannot call strlen on it without first checking that it is non NULL. Reviewed-by: N Kurt Roeckx <kurt@openssl.org>
d73ca3ef · Matt Caswell · e4693b4e · d73ca3ef
隐藏空白更改
内联并排

Showing with 2 addition and 1 deletion

ssl/tls_srp.c ssl/tls_srp.c +2 -1

未找到文件。
--- a/ssl/tls_srp.c
+++ b/ssl/tls_srp.c
@@ -393,7 +393,8 @@ int srp_generate_client_master_secret(SSL *s)
 err:
    BN_clear_free(K);
    BN_clear_free(x);
-    OPENSSL_clear_free(passwd, strlen(passwd));
+    if (passwd != NULL)
+        OPENSSL_clear_free(passwd, strlen(passwd));
    BN_clear_free(u);
    return ret;
 }