Google Git
Sign in
boringssl/boringssl.git/b85a4c2923d21ad8b55724e601e529c1ed3fc7cf
commit
b85a4c2923d21ad8b55724e601e529c1ed3fc7cf
[log] [tgz]
author
David Benjamin <davidben@chromium.org>
Thu Mar 19 14:47:27 2015 -0400
committer
Adam Langley <agl@google.com>
Thu Mar 19 19:52:57 2015 +0000
tree
c95534c21a3dd894ef9628475e608e4643271289
parent
cdea40c3e217a9f0a86ea4b87560727b932ed231 [diff]
Remove unnecessary NULL initializations in ssl_cert_dup.

A casual grep would suggest this function has the same problems as
CVE-2015-0291, but the structure is memset to 0, so the calls are unnecessary.
Also use BUF_memdup rather than an OPENSSL_malloc + mempcy pair.

Change-Id: Id605374d99cff32e2dccb7f9b8a9da226faf7715
Reviewed-on: https://boringssl-review.googlesource.com/4051
Reviewed-by: Adam Langley <agl@google.com>
1 file changed
tree: c95534c21a3dd894ef9628475e608e4643271289
  1. crypto/
  2. doc/
  3. include/
  4. ssl/
  5. tool/
  6. util/
  7. .clang-format
  8. .gitignore
  9. BUILDING
  10. CMakeLists.txt
  11. codereview.settings
  12. STYLE