1 files changed, 11 insertions, 2 deletions
diff --git a/src/lib/libcrypto/kdf/tls1_prf.c b/src/lib/libcrypto/kdf/tls1_prf.c
index a015476c34..00cc4e8fec 100644
--- a/src/lib/libcrypto/kdf/tls1_prf.c
+++ b/src/lib/libcrypto/kdf/tls1_prf.c
@@ -71,12 +71,21 @@ static int pkey_tls1_prf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
            return 0;
        if (kctx->sec != NULL)
            freezero(kctx->sec, kctx->seclen);
        explicit_bzero(kctx->seed, kctx->seedlen);
        kctx->seedlen = 0;
-        kctx->sec = OPENSSL_memdup(p2, p1);
-        if (kctx->sec == NULL)
+        kctx->sec = NULL;
+        kctx->seclen = 0;
+        if (p1 == 0 || p2 == NULL)
            return 0;
+        if ((kctx->sec = calloc(1, p1)) == NULL)
+            return 0;
+        memcpy(kctx->sec, p2, p1);
        kctx->seclen  = p1;
        return 1;
    case EVP_PKEY_CTRL_TLS_SEED:

diff --git a/src/lib/libcrypto/kdf/tls1_prf.c b/src/lib/libcrypto/kdf/tls1_prf.c index a015476c34..00cc4e8fec 100644 --- a/src/lib/libcrypto/kdf/tls1_prf.c +++ b/src/lib/libcrypto/kdf/tls1_prf.c
@@ -71,12 +71,21 @@ static int pkey_tls1_prf_ctrl(EVP_PKEY_CTX ctx, int type, int p1, void p2)
71	return 0;	71	return 0;
72	if (kctx->sec != NULL)	72	if (kctx->sec != NULL)
73	freezero(kctx->sec, kctx->seclen);	73	freezero(kctx->sec, kctx->seclen);
		74
74	explicit_bzero(kctx->seed, kctx->seedlen);	75	explicit_bzero(kctx->seed, kctx->seedlen);
75	kctx->seedlen = 0;	76	kctx->seedlen = 0;
76	kctx->sec = OPENSSL_memdup(p2, p1);	77
77	if (kctx->sec == NULL)	78	kctx->sec = NULL;
		79	kctx->seclen = 0;
		80
		81	if (p1 == 0 \|\| p2 == NULL)
78	return 0;	82	return 0;
		83
		84	if ((kctx->sec = calloc(1, p1)) == NULL)
		85	return 0;
		86	memcpy(kctx->sec, p2, p1);
79	kctx->seclen = p1;	87	kctx->seclen = p1;
		88
80	return 1;	89	return 1;
81		90
82	case EVP_PKEY_CTRL_TLS_SEED:	91	case EVP_PKEY_CTRL_TLS_SEED: