head	1.2;
access;
symbols;
locks; strict;
comment	@# @;


1.2
date	2010.02.26.18.47.09;	author dinoex;	state dead;
branches;
next	1.1;

1.1
date	2010.01.20.14.56.53;	author dinoex;	state Exp;
branches;
next	;


desc
@@


1.2
log
@- update to 0.9.8m
- support RFC5746
Security: CVE-2008-1678
Security: CVE-2009-1377
Security: CVE-2009-1378
Security: CVE-2009-1379
Approved by:	portmgr (pav)
Feature safe:	yes
@
text
@Index: crypto/comp/c_zlib.c
RCS File: crypto/comp/c_zlib.c,v
rcsdiff -q -kk '-r1.15.2.7' '-r1.15.2.8' -u 'crypto/comp/c_zlib.c,v' 2>/dev/null
--- c_zlib.c	2008/12/13 17:00:53	1.15.2.7
+++ c_zlib.c	2010/01/13 18:45:03	1.15.2.8
@@@@ -136,15 +136,6 @@@@
 
 static int zlib_stateful_ex_idx = -1;
 
-static void zlib_stateful_free_ex_data(void *obj, void *item,
-	CRYPTO_EX_DATA *ad, int ind,long argl, void *argp)
-	{
-	struct zlib_state *state = (struct zlib_state *)item;
-	inflateEnd(&state->istream);
-	deflateEnd(&state->ostream);
-	OPENSSL_free(state);
-	}
-
 static int zlib_stateful_init(COMP_CTX *ctx)
 	{
 	int err;
@@@@ -188,6 +179,12 @@@@
 
 static void zlib_stateful_finish(COMP_CTX *ctx)
 	{
+	struct zlib_state *state =
+		(struct zlib_state *)CRYPTO_get_ex_data(&ctx->ex_data,
+			zlib_stateful_ex_idx);
+	inflateEnd(&state->istream);
+	deflateEnd(&state->ostream);
+	OPENSSL_free(state);
 	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_COMP,ctx,&ctx->ex_data);
 	}
 
@@@@ -402,7 +399,7 @@@@
 			if (zlib_stateful_ex_idx == -1)
 				zlib_stateful_ex_idx =
 					CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_COMP,
-						0,NULL,NULL,NULL,zlib_stateful_free_ex_data);
+						0,NULL,NULL,NULL,NULL);
 			CRYPTO_w_unlock(CRYPTO_LOCK_COMP);
 			if (zlib_stateful_ex_idx == -1)
 				goto err;
@


1.1
log
@- Security patch to fix Memory leak
http://cvs.openssl.org/chngview?cn=19068
http://www.openwall.com/lists/oss-security/2010/01/13/3
Security: CVE-2009-4355
Security: CVE-2008-1678
Obtained from:	cvs.openssl.org
@
text
@@

