projects / platform / upstream / curl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2ecdd48) | patch
nss: prevent NSS from crashing on client auth hook failure
authorKamil Dudka <kdudka@redhat.com>
Mon, 3 Dec 2012 12:17:50 +0000 (13:17 +0100)
committerKamil Dudka <kdudka@redhat.com>
Mon, 3 Dec 2012 12:34:36 +0000 (13:34 +0100)
commit68d2830ee9df50961e481e81c1baaa290c33f03e
tree51712227f97f4072ed44d99b01eaa1dcea3df28dtree | snapshot
parent2ecdd486837d47eafb9861ea48519ed3b57d667bcommit | diff
nss: prevent NSS from crashing on client auth hook failure

Although it is not explicitly stated in the documentation, NSS uses
*pRetCert and *pRetKey even if the client authentication hook returns
a failure.  Namely, if we destroy *pRetCert without clearing *pRetCert
afterwards, NSS destroys the certificate once again, which causes a
double free.

Reported by: Bob Relyea
RELEASE-NOTES diff | blob | history
lib/nss.c diff | blob | history
Domain: Network & Connectivity / Data Network;