Thanks ViKtor. I tested your patch and it is holding up well on our environment.
Srinivas -----Original Message----- From: The default queue via RT [mailto:r...@openssl.org] Sent: Tuesday, December 22, 2015 10:04 AM To: Srinivas Koripella Subject: [openssl.org #4193] AutoReply: Minor Issue with X509_STORE_CTX_init and it's callers. Greetings, This message has been automatically generated in response to the creation of a trouble ticket regarding: "Minor Issue with X509_STORE_CTX_init and it's callers.", a summary of which appears below. There is no need to reply to this message right now. Your ticket has been assigned an ID of [openssl.org #4193]. Please include the string: [openssl.org #4193] in the subject line of all future correspondence about this issue. To do so, you may reply to this message. Thank you, r...@openssl.org ------------------------------------------------------------------------- Hello all, There is a minor issue with X509_STORE_CTX_init and its usage. Most of the callers of X509_STORE_CTX_init use a stack variable and pass its address as the ctx argument to this function. However, X509_STORE_CTX_init in case of an error in the call to CRYPTO_new_ex_data does an OPENSSL_free on this stack variable. This in theory should be ok as the underlying free implementation should probably be a no-op as this address is from the stack. However, on systems that does strict checks on allocated memory heap this can be a problem. One potential fix could be to remove the OPENSSL_free and let the caller take responsibility for his memory. Thanks. Srinivas _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
