CVE-2020-28018: Use-after-free in tls-openssl.c
authorQualys Security Advisory <qsa@qualys.com>
Mon, 22 Feb 2021 03:05:56 +0000 (19:05 -0800)
committerHeiko Schlittermann (HS12-RIPE) <hs@schlittermann.de>
Tue, 27 Apr 2021 22:40:38 +0000 (00:40 +0200)
(cherry picked from commit 6290686dd59d8158d100c67e8f96df27158a6fc5)

src/src/tls-openssl.c

index 054b23d0cb446cb4d20803084bd090e8c0f91fca..499384b50e34c6e6159c79a9858abe8bcc4bb133 100644 (file)
@@ -3675,16 +3675,12 @@ if ((more || corked))
   {
   if (!len) buff = US &error;  /* dummy just so that string_catn is ok */
 
   {
   if (!len) buff = US &error;  /* dummy just so that string_catn is ok */
 
-#ifndef DISABLE_PIPE_CONNECT
   int save_pool = store_pool;
   store_pool = POOL_PERM;
   int save_pool = store_pool;
   store_pool = POOL_PERM;
-#endif
 
   corked = string_catn(corked, buff, len);
 
 
   corked = string_catn(corked, buff, len);
 
-#ifndef DISABLE_PIPE_CONNECT
   store_pool = save_pool;
   store_pool = save_pool;
-#endif
 
   if (more)
     {
 
   if (more)
     {