root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

kdf_scrypt_reset(): NULLify freed pointers 

Otherwise doublefree happens with further usage.

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/26488)
This commit is contained in:
Tomas Mraz 2025-01-20 08:53:21 +01:00
parent 2dded72022
commit 901b108154
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
providers/implementations/kdfs/scrypt.c
View File

@ -92,7 +92,9 @@ static void kdf_scrypt_reset(void *vctx)
KDF_SCRYPT *ctx = (KDF_SCRYPT *)vctx;
OPENSSL_free(ctx->salt);
ctx->salt = NULL;
OPENSSL_clear_free(ctx->pass, ctx->pass_len);
ctx->pass = NULL;
kdf_scrypt_init(ctx);
}