commit 6afef8b1fb679df7d6a8606d713192c9907b1890
author David Benjamin <davidben@google.com> Mon Mar 14 15:03:07 2016 -0400
committer Dr. Stephen Henson <steve@openssl.org> Thu Apr 07 19:22:20 2016 +0100
tree e2113ce4f8371a8491c69ecce082509a4b71388a
parent d1094383df07cc8ae266c04cf3ace782447b4d5b

Fix memory leak on invalid CertificateRequest.

Free up parsed X509_NAME structure if the CertificateRequest message
contains excess data.

The security impact is considered insignificant. This is a client side
only leak and a large number of connections to malicious servers would
be needed to have a significant impact.

This was found by libFuzzer.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>