From e7f8c616d0b9388fd20ffd6c9730ea8188f27716 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 27 Nov 2022 21:51:19 +0100 Subject: [PATCH] Fix dangling freed pointer in pkcs7_free_signer_info This may have been a use-after-free, but I haven't worked out whether it was a problem or not. Even if it turns out to have been ok, keeping invalid pointers around is fragile. Signed-off-by: Gilles Peskine --- library/pkcs7.c | 1 + 1 file changed, 1 insertion(+) diff --git a/library/pkcs7.c b/library/pkcs7.c index c1446def7..fc6dd33f3 100644 --- a/library/pkcs7.c +++ b/library/pkcs7.c @@ -353,6 +353,7 @@ static void pkcs7_free_signer_info( mbedtls_pkcs7_signer_info *signer ) name_cur = name_cur->next; mbedtls_free( name_prv ); } + signer->issuer.next = NULL; } /**