diff options
| -rw-r--r-- | openssl/crypto/ec/ec_asn1.c | 7 | ||||
| -rw-r--r-- | openssl/crypto/evp/bio_b64.c | 1 | ||||
| -rw-r--r-- | openssl/crypto/evp/encode.c | 1 | ||||
| -rw-r--r-- | openssl/crypto/pkcs7/pk7_doit.c | 1 | ||||
| -rw-r--r-- | openssl/ssl/d1_lib.c | 9 | ||||
| -rw-r--r-- | openssl/ssl/d1_pkt.c | 18 | ||||
| -rw-r--r-- | openssl/ssl/d1_srvr.c | 1 | ||||
| -rw-r--r-- | openssl/ssl/s3_pkt.c | 9 |
8 files changed, 29 insertions, 18 deletions
diff --git a/openssl/crypto/ec/ec_asn1.c b/openssl/crypto/ec/ec_asn1.c index 175eec5..e8e5448 100644 --- a/openssl/crypto/ec/ec_asn1.c +++ b/openssl/crypto/ec/ec_asn1.c @@ -1433,8 +1433,11 @@ int i2o_ECPublicKey(EC_KEY *a, unsigned char **out) *out, buf_len, NULL)) { ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_EC_LIB); - OPENSSL_free(*out); - *out = NULL; + if (new_buffer) + { + OPENSSL_free(*out); + *out = NULL; + } return 0; } if (!new_buffer) diff --git a/openssl/crypto/evp/bio_b64.c b/openssl/crypto/evp/bio_b64.c index 72a2a67..373c340 100644 --- a/openssl/crypto/evp/bio_b64.c +++ b/openssl/crypto/evp/bio_b64.c @@ -226,6 +226,7 @@ static int b64_read(BIO *b, char *out, int outl) else if (ctx->start) { q=p=(unsigned char *)ctx->tmp; + num = 0; for (j=0; j<i; j++) { if (*(q++) != '\n') continue; diff --git a/openssl/crypto/evp/encode.c b/openssl/crypto/evp/encode.c index 28546a8..4654bdc 100644 --- a/openssl/crypto/evp/encode.c +++ b/openssl/crypto/evp/encode.c @@ -324,6 +324,7 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, v=EVP_DecodeBlock(out,d,n); n=0; if (v < 0) { rv=0; goto end; } + if (eof > v) { rv=-1; goto end; } ret+=(v-eof); } else diff --git a/openssl/crypto/pkcs7/pk7_doit.c b/openssl/crypto/pkcs7/pk7_doit.c index 77fda3b..4c12a9d 100644 --- a/openssl/crypto/pkcs7/pk7_doit.c +++ b/openssl/crypto/pkcs7/pk7_doit.c @@ -928,6 +928,7 @@ int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si) if (EVP_DigestSignUpdate(&mctx,abuf,alen) <= 0) goto err; OPENSSL_free(abuf); + abuf = NULL; if (EVP_DigestSignFinal(&mctx, NULL, &siglen) <= 0) goto err; abuf = OPENSSL_malloc(siglen); diff --git a/openssl/ssl/d1_lib.c b/openssl/ssl/d1_lib.c index f61f718..1004c57 100644 --- a/openssl/ssl/d1_lib.c +++ b/openssl/ssl/d1_lib.c @@ -176,9 +176,12 @@ static void dtls1_clear_queues(SSL *s) while ( (item = pqueue_pop(s->d1->buffered_app_data.q)) != NULL) { - frag = (hm_fragment *)item->data; - OPENSSL_free(frag->fragment); - OPENSSL_free(frag); + rdata = (DTLS1_RECORD_DATA *) item->data; + if (rdata->rbuf.buf) + { + OPENSSL_free(rdata->rbuf.buf); + } + OPENSSL_free(item->data); pitem_free(item); } } diff --git a/openssl/ssl/d1_pkt.c b/openssl/ssl/d1_pkt.c index 0bf87be..028d48b 100644 --- a/openssl/ssl/d1_pkt.c +++ b/openssl/ssl/d1_pkt.c @@ -239,14 +239,6 @@ dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority) } #endif - /* insert should not fail, since duplicates are dropped */ - if (pqueue_insert(queue->q, item) == NULL) - { - OPENSSL_free(rdata); - pitem_free(item); - return(0); - } - s->packet = NULL; s->packet_length = 0; memset(&(s->s3->rbuf), 0, sizeof(SSL3_BUFFER)); @@ -259,7 +251,15 @@ dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority) pitem_free(item); return(0); } - + + /* insert should not fail, since duplicates are dropped */ + if (pqueue_insert(queue->q, item) == NULL) + { + OPENSSL_free(rdata); + pitem_free(item); + return(0); + } + return(1); } diff --git a/openssl/ssl/d1_srvr.c b/openssl/ssl/d1_srvr.c index 29421da..014ef52 100644 --- a/openssl/ssl/d1_srvr.c +++ b/openssl/ssl/d1_srvr.c @@ -1345,6 +1345,7 @@ int dtls1_send_server_key_exchange(SSL *s) (unsigned char *)encodedPoint, encodedlen); OPENSSL_free(encodedPoint); + encodedPoint = NULL; p += encodedlen; } #endif diff --git a/openssl/ssl/s3_pkt.c b/openssl/ssl/s3_pkt.c index 98d448d..03ed461 100644 --- a/openssl/ssl/s3_pkt.c +++ b/openssl/ssl/s3_pkt.c @@ -641,9 +641,6 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, SSL3_BUFFER *wb=&(s->s3->wbuf); SSL_SESSION *sess; - if (wb->buf == NULL) - if (!ssl3_setup_write_buffer(s)) - return -1; /* first check if there is a SSL3_BUFFER still being written * out. This will happen with non blocking IO */ @@ -659,6 +656,10 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, /* if it went, fall through and send more stuff */ } + if (wb->buf == NULL) + if (!ssl3_setup_write_buffer(s)) + return -1; + if (len == 0 && !create_empty_fragment) return 0; @@ -1060,7 +1061,7 @@ start: { s->rstate=SSL_ST_READ_HEADER; rr->off=0; - if (s->mode & SSL_MODE_RELEASE_BUFFERS) + if (s->mode & SSL_MODE_RELEASE_BUFFERS && s->s3->rbuf.left == 0) ssl3_release_read_buffer(s); } } |