Google Git
Sign in
pigweed/third_party/github/ARMmbed/mbedtls/a2fce21ae5b5bd74c66e305f864ff5875cf9df81^!/./ChangeLog
commit
a2fce21ae5b5bd74c66e305f864ff5875cf9df81
[log]
author
Manuel Pégourié-Gonnard <mpg@elzevir.fr>
Wed Apr 15 19:09:03 2015 +0200
committer
Manuel Pégourié-Gonnard <mpg@elzevir.fr>
Wed Apr 15 21:04:19 2015 +0200
tree
9081d7e2e8927c35d3d18d87f57a740d6a4d828a
parent
ce60fbeb301b2aa2fdf50349d49a3f19cf324716 [diff] [blame]
Fix potential NULL dereference on bad usage

diff --git a/ChangeLog b/ChangeLog
index edcd42d..39ae43f 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -27,6 +27,9 @@
      errors on use of deprecated functions.
 
 Bugfix
+   * Fix potential NULL pointer dereference (not trigerrable remotely) when
+     ssl_write() is called before the handshake is finished (introduced in
+     1.3.10) (first reported by Martin Blumenstingl).
    * Fix bug in pk_parse_key() that caused some valid private EC keys to be
      rejected.
    * Fix bug in Via Padlock support (found by Nikos Mavrogiannopoulos).