From 367688c05988bc7257d7e1801c5acf17ef7e854d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
Date: Tue, 12 Feb 2019 15:09:11 +0100
Subject: [PATCH 1/3] Automatically NULLify after gnutls_free()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This method prevents direct use-after-free and
double-free issues.

Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

CVE: CVE-2019-3829
Upstream-Status: Backport
[https://gitlab.com/gnutls/gnutls/commit/d39778e43d1674cb3ab3685157fd299816d535c0]

Signed-off-by: Dan Tran <dantran@microsoft.com>
---
 lib/includes/gnutls/gnutls.h.in | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index 49990b5f5..fa77fd0df 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -2132,6 +2132,10 @@ extern _SYM_EXPORT gnutls_realloc_function gnutls_realloc;
 extern _SYM_EXPORT gnutls_calloc_function gnutls_calloc;
 extern _SYM_EXPORT gnutls_free_function gnutls_free;
 
+#ifdef GNUTLS_INTERNAL_BUILD
+#define gnutls_free(a) gnutls_free((void *) (a)), a=NULL
+#endif
+
 extern _SYM_EXPORT char *(*gnutls_strdup) (const char *);
 
 /* a variant of memset that doesn't get optimized out */
-- 
2.22.0.vfs.1.1.57.gbaf16c8