[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] pki_crypto: Avoid segfault with OpenSSL 1.1.0


On Wednesday, 8 November 2017 15:42:47 CET Jakub Jelen wrote:
> On Tue, 2017-11-07 at 11:53 -0500, Jon Simons wrote:
> > On 11/7/17 4:11 AM, Jakub Jelen wrote:
> > > Hello,
> > > this patch is an addition to the commit 954da14 which is trying to
> > > use
> > > non-deprecated functions in OpenSSL 1.1.0.
> > > 
> > > But the newly function needs special allocation of the dsa
> > > structure
> > > before, which was missing. See the attached patch (or on github
> > > [1]).
> > > 
> > > [1] https://github.com/Jakuje/libssh/commit/dcdba1a
> > 
> > I believe that if DSA_generate_parameters_ex fails, the key->dsa
> > needs to be DSA_free'd and then set to NULL in the error-out path
> 
> > on line 469:
> Yes, you are right. Thank you for review. The patch resolving this is
> attached. It also improves the first condition could be written more
> consistently with the rest of the code.

Thanks for the review Jon!

Pushed :-)


Archive administrator: postmaster@lists.cynapses.org