Module Name: src
Committed By: drochner
Date: Tue Dec 7 10:03:29 UTC 2010
Modified Files:
src/crypto/external/bsd/openssl/dist/ssl: t1_lib.c
Log Message:
fix bug introduced by last security patch, from upstream CVS:
Don't assume a decode error if session tlsext_ecpointformatlist is
not NULL: it can be legitimately set elsewhere.
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c:1.2 src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c:1.3
--- src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c:1.2 Wed Nov 17 12:09:34 2010
+++ src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c Tue Dec 7 10:03:29 2010
@@ -778,8 +778,8 @@
{
if(s->session->tlsext_ecpointformatlist)
{
- *al = TLS1_AD_DECODE_ERROR;
- return 0;
+ OPENSSL_free(s->session->tlsext_ecpointformatlist);
+ s->session->tlsext_ecpointformatlist = NULL;
}
s->session->tlsext_ecpointformatlist_length = 0;
if ((s->session->tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL)
