summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjsing <>2020-09-26 14:43:17 +0000
committerjsing <>2020-09-26 14:43:17 +0000
commit5068512c1d5a02141d634c09f52dc97a6096a032 (patch)
tree3ab9fb4ff9a8215ce9b9bc92be9d1a9d42999a94
parent9b13245446b00e24d00467fda708aec05a3ac606 (diff)
downloadopenbsd-5068512c1d5a02141d634c09f52dc97a6096a032.tar.gz
openbsd-5068512c1d5a02141d634c09f52dc97a6096a032.tar.bz2
openbsd-5068512c1d5a02141d634c09f52dc97a6096a032.zip
Call dtls1_hm_fragment_free() from dtls1_drain_fragments()
Currently dtls1_drain_fragments() has a incomplete handrolled version of dtls1_hm_fragment_free(), which has the potential to leak memory. Replace the handrolled free with a call to dtls1_hm_fragment_free(). ok inoguchi@ tb@
Diffstat
-rw-r--r--src/lib/libssl/d1_both.c6
-rw-r--r--src/lib/libssl/d1_lib.c9
2 files changed, 7 insertions, 8 deletions
diff --git a/src/lib/libssl/d1_both.c b/src/lib/libssl/d1_both.c
index 6541a395a7..3d2516ce41 100644
--- a/src/lib/libssl/d1_both.c
+++ b/src/lib/libssl/d1_both.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d1_both.c,v 1.59 2020/09/26 08:58:00 jsing Exp $ */ 1/* $OpenBSD: d1_both.c,v 1.60 2020/09/26 14:43:17 jsing Exp $ */
2/* 2/*
3 * DTLS implementation written by Nagendra Modadugu 3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -166,7 +166,7 @@ static int dtls1_write_message_header(const struct hm_header_st *msg_hdr,
166static long dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, 166static long dtls1_get_message_fragment(SSL *s, int st1, int stn, long max,
167 int *ok); 167 int *ok);
168 168
169static void dtls1_hm_fragment_free(hm_fragment *frag); 169void dtls1_hm_fragment_free(hm_fragment *frag);
170 170
171static hm_fragment * 171static hm_fragment *
172dtls1_hm_fragment_new(unsigned long frag_len, int reassembly) 172dtls1_hm_fragment_new(unsigned long frag_len, int reassembly)
@@ -195,7 +195,7 @@ dtls1_hm_fragment_new(unsigned long frag_len, int reassembly)
195 return NULL; 195 return NULL;
196} 196}
197 197
198static void 198void
199dtls1_hm_fragment_free(hm_fragment *frag) 199dtls1_hm_fragment_free(hm_fragment *frag)
200{ 200{
201 if (frag == NULL) 201 if (frag == NULL)
diff --git a/src/lib/libssl/d1_lib.c b/src/lib/libssl/d1_lib.c
index b2f05452c8..b7d23ef4ca 100644
--- a/src/lib/libssl/d1_lib.c
+++ b/src/lib/libssl/d1_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d1_lib.c,v 1.49 2020/09/26 09:01:05 jsing Exp $ */ 1/* $OpenBSD: d1_lib.c,v 1.50 2020/09/26 14:43:17 jsing Exp $ */
2/* 2/*
3 * DTLS implementation written by Nagendra Modadugu 3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -70,6 +70,8 @@
70#include "pqueue.h" 70#include "pqueue.h"
71#include "ssl_locl.h" 71#include "ssl_locl.h"
72 72
73void dtls1_hm_fragment_free(hm_fragment *frag);
74
73static int dtls1_listen(SSL *s, struct sockaddr *client); 75static int dtls1_listen(SSL *s, struct sockaddr *client);
74 76
75SSL3_ENC_METHOD DTLSv1_enc_data = { 77SSL3_ENC_METHOD DTLSv1_enc_data = {
@@ -130,15 +132,12 @@ static void
130dtls1_drain_fragments(pqueue queue) 132dtls1_drain_fragments(pqueue queue)
131{ 133{
132 pitem *item; 134 pitem *item;
133 hm_fragment *frag;
134 135
135 if (queue == NULL) 136 if (queue == NULL)
136 return; 137 return;
137 138
138 while ((item = pqueue_pop(queue)) != NULL) { 139 while ((item = pqueue_pop(queue)) != NULL) {
139 frag = (hm_fragment *)item->data; 140 dtls1_hm_fragment_free(item->data);
140 free(frag->fragment);
141 free(frag);
142 pitem_free(item); 141 pitem_free(item);
143 } 142 }
144} 143}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 23:00:25 +0000