~ubuntu-branches/ubuntu/jaunty/openssl/jaunty-security

Committer: Bazaar Package Importer
Author(s): Kees Cook
Date: 2010-01-13 11:19:14 UTC
Revision ID: james.westby@ubuntu.com-20100113111914-xf3ja076qfc5fpbs

Tags: 0.9.8g-15ubuntu3.4

* SECURITY UPDATE: memory leak possible during state clean-up.
- crypto/comp/c_zlib.c: upstream fixes applied inline.
- CVE-2009-4355

files modified:
crypto/comp/c_zlib.c

debian/changelog

Show diffs side-by-side

added added

removed removed

crypto/comp/c_zlib.c

133

134

static int zlib_stateful_ex_idx = -1;

135

136

static void zlib_stateful_free_ex_data(void *obj, void *item,

137

CRYPTO_EX_DATA *ad, int ind,long argl, void *argp)

138

{

139

struct zlib_state *state = (struct zlib_state *)item;

140

inflateEnd(&state->istream);

141

deflateEnd(&state->ostream);

142

OPENSSL_free(state);

143

}

144

145

136

static int zlib_stateful_init(COMP_CTX *ctx)

146

137

{

147

138

int err;

185

176

186

177

static void zlib_stateful_finish(COMP_CTX *ctx)

187

178

{

179

struct zlib_state *state =

180

(struct zlib_state *)CRYPTO_get_ex_data(&ctx->ex_data,

181

zlib_stateful_ex_idx);

182

inflateEnd(&state->istream);

183

deflateEnd(&state->ostream);

184

OPENSSL_free(state);

188

185

CRYPTO_free_ex_data(CRYPTO_EX_INDEX_COMP,ctx,&ctx->ex_data);

189

186

}

190

187

396

393

if (zlib_stateful_ex_idx == -1)

397

394

zlib_stateful_ex_idx =

398

395

CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_COMP,

399

0,NULL,NULL,NULL,zlib_stateful_free_ex_data);

396

0,NULL,NULL,NULL,NULL);

400

397

CRYPTO_w_unlock(CRYPTO_LOCK_COMP);

401

398

if (zlib_stateful_ex_idx == -1)

402

399

goto err;

Older »