diff options
| author | bcook <> | 2014-10-20 12:55:21 +0000 |
|---|---|---|
| committer | bcook <> | 2014-10-20 12:55:21 +0000 |
| commit | 514ab254d4a55f1937d1cb4e94c49f7819060f3e (patch) | |
| tree | b1fd37259a697858f5f1f6c610c09c66eb5dfab3 | |
| parent | 28930ddf4fd6c1c993650ea60031148dd17e39ef (diff) | |
| download | openbsd-514ab254d4a55f1937d1cb4e94c49f7819060f3e.tar.gz openbsd-514ab254d4a55f1937d1cb4e94c49f7819060f3e.tar.bz2 openbsd-514ab254d4a55f1937d1cb4e94c49f7819060f3e.zip | |
SSL: Fix memory leak in d2i_SSL_SESSION.
Modified version of patch from Dmitry Eremin-Solenikov.
==28360== 98 bytes in 2 blocks are definitely lost in loss record 7 of 7
==28360== at 0x402AC54: realloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==28360== by 0x40E2D2C: ASN1_STRING_set (asn1_lib.c:393)
==28360== by 0x40EC22C: asn1_ex_c2i (tasn_dec.c:959)
==28360== by 0x40EC632: asn1_d2i_ex_primitive (tasn_dec.c:824)
==28360== by 0x40ED2E6: ASN1_item_ex_d2i (tasn_dec.c:230)
==28360== by 0x40ED421: ASN1_item_d2i (tasn_dec.c:133)
==28360== by 0x40F0335: d2i_ASN1_OCTET_STRING (tasn_typ.c:75)
==28360== by 0x405FD6D: d2i_SSL_SESSION (ssl_asn1.c:367)
==28360== by 0x405DD6E: ssl3_send_newsession_ticket (s3_srvr.c:2743)
==28360== by 0x405EA48: ssl3_accept (s3_srvr.c:665)
==28360== by 0x4067C34: SSL_accept (ssl_lib.c:922)
==28360== by 0x404E97B: ssl23_get_client_hello (s23_srvr.c:573)
ok miod@ beck@
| -rw-r--r-- | src/lib/libssl/src/ssl/ssl_asn1.c | 3 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_asn1.c | 3 |
2 files changed, 4 insertions, 2 deletions
diff --git a/src/lib/libssl/src/ssl/ssl_asn1.c b/src/lib/libssl/src/ssl/ssl_asn1.c index 8dc24d5283..cb52864bf3 100644 --- a/src/lib/libssl/src/ssl/ssl_asn1.c +++ b/src/lib/libssl/src/ssl/ssl_asn1.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_asn1.c,v 1.38 2014/10/16 03:19:02 beck Exp $ */ | 1 | /* $OpenBSD: ssl_asn1.c,v 1.39 2014/10/20 12:55:21 bcook Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -481,6 +481,7 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length) | |||
| 481 | 481 | ||
| 482 | /* 4 - Session ID (OCTET STRING). */ | 482 | /* 4 - Session ID (OCTET STRING). */ |
| 483 | os.length = 0; | 483 | os.length = 0; |
| 484 | free(os.data); | ||
| 484 | os.data = NULL; | 485 | os.data = NULL; |
| 485 | if (c.slen != 0L && | 486 | if (c.slen != 0L && |
| 486 | *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 4)) { | 487 | *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 4)) { |
diff --git a/src/lib/libssl/ssl_asn1.c b/src/lib/libssl/ssl_asn1.c index 8dc24d5283..cb52864bf3 100644 --- a/src/lib/libssl/ssl_asn1.c +++ b/src/lib/libssl/ssl_asn1.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_asn1.c,v 1.38 2014/10/16 03:19:02 beck Exp $ */ | 1 | /* $OpenBSD: ssl_asn1.c,v 1.39 2014/10/20 12:55:21 bcook Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -481,6 +481,7 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length) | |||
| 481 | 481 | ||
| 482 | /* 4 - Session ID (OCTET STRING). */ | 482 | /* 4 - Session ID (OCTET STRING). */ |
| 483 | os.length = 0; | 483 | os.length = 0; |
| 484 | free(os.data); | ||
| 484 | os.data = NULL; | 485 | os.data = NULL; |
| 485 | if (c.slen != 0L && | 486 | if (c.slen != 0L && |
| 486 | *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 4)) { | 487 | *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 4)) { |