tls_decrypt_ticket(): memory leak and uncleaned EVP_CIPHER_CTX upon error.

author: miod <> 2014-05-26 20:11:27 +0000
committer: miod <> 2014-05-26 20:11:27 +0000
commit: 6faf798d1d3380d029805b0d46c838a5d4d15405 (patch)
tree: fd119846d73cdf02b19e9c30bbcd3dc5ca4f7da4 /src/lib/libssl/t1_lib.c
parent: be6c7be0c897a4579deb5f3bdc20177429f57d10 (diff)
download: openbsd-6faf798d1d3380d029805b0d46c838a5d4d15405.tar.gz
openbsd-6faf798d1d3380d029805b0d46c838a5d4d15405.tar.bz2
openbsd-6faf798d1d3380d029805b0d46c838a5d4d15405.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index 0ea9ce752d..99298c1791 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -2133,8 +2133,11 @@ tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen,
                return -1;
        }
        EVP_DecryptUpdate(&ctx, sdec, &slen, p, eticklen);
-        if (EVP_DecryptFinal(&ctx, sdec + slen, &mlen) <= 0)
+        if (EVP_DecryptFinal(&ctx, sdec + slen, &mlen) <= 0) {
+                free(sdec);
+                EVP_CIPHER_CTX_cleanup(&ctx);
                return 2;
+        }
        slen += mlen;
        EVP_CIPHER_CTX_cleanup(&ctx);
        p = sdec;
author	miod <>	2014-05-26 20:11:27 +0000
committer	miod <>	2014-05-26 20:11:27 +0000
commit	6faf798d1d3380d029805b0d46c838a5d4d15405 (patch)
tree	fd119846d73cdf02b19e9c30bbcd3dc5ca4f7da4 /src/lib/libssl/t1_lib.c
parent	be6c7be0c897a4579deb5f3bdc20177429f57d10 (diff)
download	openbsd-6faf798d1d3380d029805b0d46c838a5d4d15405.tar.gz openbsd-6faf798d1d3380d029805b0d46c838a5d4d15405.tar.bz2 openbsd-6faf798d1d3380d029805b0d46c838a5d4d15405.zip