File openssl-CVE-2015-0209.patch of Package compat-openssl098.930

commit 1b4a8df38fc9ab3c089ca5765075ee53ec5bd66a
Author: Matt Caswell <matt@openssl.org>
Date:   Mon Feb 9 11:38:41 2015 +0000

    Fix a failure to NULL a pointer freed on error.
    
    Inspired by BoringSSL commit 517073cd4b by Eric Roman <eroman@chromium.org>
    
    CVE-2015-0209
    
    Reviewed-by: Emilia Käsper <emilia@openssl.org>

Index: openssl-0.9.8j/crypto/ec/ec_asn1.c
===================================================================
--- openssl-0.9.8j.orig/crypto/ec/ec_asn1.c	2015-03-16 17:55:36.146193639 +0100
+++ openssl-0.9.8j/crypto/ec/ec_asn1.c	2015-03-16 18:00:26.159412656 +0100
@@ -1126,8 +1126,6 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, con
                                  ERR_R_MALLOC_FAILURE);
 			goto err;
 			}
-		if (a)
-			*a = ret;
 		}
 	else
 		ret = *a;
@@ -1192,11 +1190,13 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, con
 			}
 		}
 
+	if (a)
+		*a = ret;
 	ok = 1;
 err:
 	if (!ok)
 		{
-		if (ret)
+		if (ret && (a == NULL || *a != ret))
 			EC_KEY_free(ret);
 		ret = NULL;
 		}

Places

File openssl-CVE-2015-0209.patch of Package compat-openssl098.930

Places