Avoid double-free in calleres to OCSP_parse_url

set pointers to NULL after OPENSSL_free before returning to caller to avoid possible double-free in caller Signed-off-by: N Rich Salz <rsalz@akamai.com> Reviewed-by: N Richard Levitte <levitte@openssl.org>

Avoid double-free in calleres to OCSP_parse_url
set pointers to NULL after OPENSSL_free before returning to caller to avoid possible double-free in caller Signed-off-by: N Rich Salz <rsalz@akamai.com> Reviewed-by: N Richard Levitte <levitte@openssl.org>
dca7158c · Jim Basney · Rich Salz · 64256510 · dca7158c
隐藏空白更改
内联并排

Showing with 3 addition and 0 deletion

crypto/ocsp/ocsp_lib.c crypto/ocsp/ocsp_lib.c +3 -0

未找到文件。
--- a/crypto/ocsp/ocsp_lib.c
+++ b/crypto/ocsp/ocsp_lib.c
@@ -266,8 +266,11 @@ int OCSP_parse_url(const char *url, char **phost, char **pport, char **ppath,
 err:
    OPENSSL_free(buf);
    OPENSSL_free(*ppath);
+    *ppath = NULL;
    OPENSSL_free(*pport);
+    *pport = NULL;
    OPENSSL_free(*phost);
+    *phost = NULL;
    return 0;

 }