path: root/crypto/openssl/crypto/cms/cms_env.c
authorXin LI <delphij@FreeBSD.org>2013-04-02 17:34:42 +0000
committerXin LI <delphij@FreeBSD.org>2013-04-02 17:34:42 +0000
commit0d9d75b124880ee5a3aeb5c2af92a04340c02bef (patch)
tree953639ad57c000dc6351819b4798541490d39802 /crypto/openssl/crypto/cms/cms_env.c
parent660eb4006e69a82831062be4a4af070afccf64bc (diff)
Fix OpenSSL multiple vulnerabilities. [13:03]releng/9.0
Fix BIND remote denial of service. [13:04] Security: CVE-2013-0166, CVE-2013-0169 Security: FreeBSD-SA-13:03.openssl Security: CVE-2013-2266 Security: FreeBSD-SA-13:04.bind Approved by: so
Notes
Notes: svn path=/releng/9.0/; revision=249029
Diffstat (limited to 'crypto/openssl/crypto/cms/cms_env.c')
-rw-r--r--crypto/openssl/crypto/cms/cms_env.c12
1 files changed, 10 insertions, 2 deletions
diff --git a/crypto/openssl/crypto/cms/cms_env.c b/crypto/openssl/crypto/cms/cms_env.c
index d499ae85b400..b8685fa17590 100644
--- a/crypto/openssl/crypto/cms/cms_env.c
+++ b/crypto/openssl/crypto/cms/cms_env.c
@@ -352,6 +352,8 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
unsigned char *ek = NULL;
int eklen;
int ret = 0;
+ CMS_EncryptedContentInfo *ec;
+ ec = cms->d.envelopedData->encryptedContentInfo;
if (ktri->pkey == NULL)
{
@@ -382,8 +384,14 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
ret = 1;
- cms->d.envelopedData->encryptedContentInfo->key = ek;
- cms->d.envelopedData->encryptedContentInfo->keylen = eklen;
+ if (ec->key)
+ {
+ OPENSSL_cleanse(ec->key, ec->keylen);
+ OPENSSL_free(ec->key);
+ }
+
+ ec->key = ek;
+ ec->keylen = eklen;
err:
if (!ret && ek)
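Review bot: The new `if (ec->key)` block in cms_RecipientInfo_ktri_decrypt carries no comment saying when a content-encryption key can already be present, so the reason for wiping and freeing it is not evident to the next reader. A short comment above the block would help, for example `/* A key may already be set (presumably by an earlier recipient decrypt): wipe and release it before storing the new one. */`; the parenthetical is an assumption, since the hunk does not show where the earlier key comes from. The wipe also trusts `ec->keylen` to describe the old buffer, which holds only if every writer updates `key` and `keylen` together as these lines do, and that is worth stating in the same comment. The function begins before the first hunk and continues past `err:`, so the cleanup path for `ek` on failure is not visible here.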