tls_decrypt_ticket(): memory leak and uncleaned EVP_CIPHER_CTX upon error.

author: miod <> 2014-05-26 20:11:27 +0000
committer: miod <> 2014-05-26 20:11:27 +0000
commit: 0442c253bd5389cf7be9c6db5502bc0112b1c5b9 (patch)
tree: fd119846d73cdf02b19e9c30bbcd3dc5ca4f7da4 /src/lib/libssl/t1_lib.c
parent: 25b28f1dc31dbf2e8b7d6584cb209dca4fb4896a (diff)
download: openbsd-0442c253bd5389cf7be9c6db5502bc0112b1c5b9.tar.gz
openbsd-0442c253bd5389cf7be9c6db5502bc0112b1c5b9.tar.bz2
openbsd-0442c253bd5389cf7be9c6db5502bc0112b1c5b9.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index 0ea9ce752d..99298c1791 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -2133,8 +2133,11 @@ tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen,
                return -1;
        }
        EVP_DecryptUpdate(&ctx, sdec, &slen, p, eticklen);
-        if (EVP_DecryptFinal(&ctx, sdec + slen, &mlen) <= 0)
+        if (EVP_DecryptFinal(&ctx, sdec + slen, &mlen) <= 0) {
+                free(sdec);
+                EVP_CIPHER_CTX_cleanup(&ctx);
                return 2;
+        }
        slen += mlen;
        EVP_CIPHER_CTX_cleanup(&ctx);
        p = sdec;
author	miod <>	2014-05-26 20:11:27 +0000
committer	miod <>	2014-05-26 20:11:27 +0000
commit	0442c253bd5389cf7be9c6db5502bc0112b1c5b9 (patch)
tree	fd119846d73cdf02b19e9c30bbcd3dc5ca4f7da4 /src/lib/libssl/t1_lib.c
parent	25b28f1dc31dbf2e8b7d6584cb209dca4fb4896a (diff)
download	openbsd-0442c253bd5389cf7be9c6db5502bc0112b1c5b9.tar.gz openbsd-0442c253bd5389cf7be9c6db5502bc0112b1c5b9.tar.bz2 openbsd-0442c253bd5389cf7be9c6db5502bc0112b1c5b9.zip