I've tried to reproduce the issue but it doesn't fail for me. I"ve also
looked at the code and it seems to now call OPENSSL_clear_free() which
is actually CRYPTO_clear_free() and the first thing this function does
is to check its first parameter is not NULL.
Considering all of the above, I'm
** Changed in: openssl (Ubuntu)
Importance: Undecided => High
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1551274
Title:
creating SRP file crashes openssl
Status
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: openssl (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
The following patch helps me
--- openssl-1.0.2f/crypto/srp/srp_vfy.c 2016-01-28 14:38:31.0 +0100
+++ openssl-1.0.2f-patched/crypto/srp/srp_vfy.c 2016-03-02 12:18:01.320339059
+0100
@@ -588,8 +588,12 @@
BN_free(N_bn);
BN_free(g_bn);
}
-OPENSSL_cleanse(vf,
4 matches
Mail list logo