diff options
author | Pauli <pauli@openssl.org> | 2021-04-19 08:59:37 +1000 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2021-04-21 09:17:22 +1000 |
commit | 6bcbc3698557739da03495920a57be4ffe219fa4 (patch) | |
tree | 15f547c9f2986da5539cc29a130a02d6d0c93f38 /test | |
parent | efe8d69daa1a68be0a7f0f73220947c848e7ed1d (diff) | |
download | openssl-6bcbc3698557739da03495920a57be4ffe219fa4.tar.gz |
test: fix double free problems.
In function test_EVP_PKEY_ffc_priv_pub, params is freed via OSSL_PARAM_free() at line 577.
If the condition at line 581 is true, the execution will goto err, and params will be freed again at line 630.
The same problem also happens at line 593 and line 609, which causes two double free bugs.
Bugs reported by @Yunlongs
Fixes 14916
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14921)
Diffstat (limited to 'test')
-rw-r--r-- | test/evp_extra_test.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c index 6140e16e26..a290878a7d 100644 --- a/test/evp_extra_test.c +++ b/test/evp_extra_test.c @@ -575,6 +575,7 @@ static int test_EVP_PKEY_ffc_priv_pub(char *keytype) if (!test_fromdata(keytype, params)) goto err; OSSL_PARAM_free(params); + params = NULL; OSSL_PARAM_BLD_free(bld); /* Test priv and !pub */ @@ -591,6 +592,7 @@ static int test_EVP_PKEY_ffc_priv_pub(char *keytype) if (!test_fromdata(keytype, params)) goto err; OSSL_PARAM_free(params); + params = NULL; OSSL_PARAM_BLD_free(bld); /* Test !priv and pub */ @@ -607,6 +609,7 @@ static int test_EVP_PKEY_ffc_priv_pub(char *keytype) if (!test_fromdata(keytype, params)) goto err; OSSL_PARAM_free(params); + params = NULL; OSSL_PARAM_BLD_free(bld); /* Test priv and pub */ |