[exim-cvs] CVE-2020-28018: Use-after-free in tls-openssl.c

Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: Exim Git Commits Mailing List
Fecha:  
A: exim-cvs
Asunto: [exim-cvs] CVE-2020-28018: Use-after-free in tls-openssl.c
Gitweb: https://git.exim.org/exim.git/commitdiff/6649a4305126a4baa48d4c5b07568a519939fb17
Commit:     6649a4305126a4baa48d4c5b07568a519939fb17
Parent:     8761187029d998a942eaa1c0cc26592f52245446
Author:     Qualys Security Advisory <qsa@???>
AuthorDate: Sun Feb 21 19:05:56 2021 -0800
Committer:  Heiko Schlittermann (HS12-RIPE) <hs@???>
CommitDate: Thu May 27 21:30:45 2021 +0200


    CVE-2020-28018: Use-after-free in tls-openssl.c


    (cherry picked from commit 6290686dd59d8158d100c67e8f96df27158a6fc5)
    (cherry picked from commit a53a7fcfb8216764e4420d8d263356b4ed7d5cef)
---
 src/src/tls-openssl.c | 4 ----
 1 file changed, 4 deletions(-)


diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 13b0c23..eb18d64 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -4053,16 +4053,12 @@ if (more || corked)
   {
   if (!len) buff = US &error;    /* dummy just so that string_catn is ok */


-#ifndef DISABLE_PIPE_CONNECT
int save_pool = store_pool;
store_pool = POOL_PERM;
-#endif

corked = string_catn(corked, buff, len);

-#ifndef DISABLE_PIPE_CONNECT
store_pool = save_pool;
-#endif

   if (more)
     {