diff options
| author | doug <> | 2015-10-03 06:47:32 +0000 |
|---|---|---|
| committer | doug <> | 2015-10-03 06:47:32 +0000 |
| commit | e68719b0faade6f98ce3f161204fd4d7c9da8edd (patch) | |
| tree | c039396f84e51026b4344d9769fbe62c562887f9 /src/lib | |
| parent | a745090733b8c302e7597048b28fe80c14240608 (diff) | |
| download | openbsd-e68719b0faade6f98ce3f161204fd4d7c9da8edd.tar.gz openbsd-e68719b0faade6f98ce3f161204fd4d7c9da8edd.tar.bz2 openbsd-e68719b0faade6f98ce3f161204fd4d7c9da8edd.zip | |
SSL_new(): fix ref counting and memory leak in error path.
Rather than a half-hearted attempt to free up resources and fix
ref counting at the SSL_CTX level, let SSL_free() do its job.
This diff got lost in the shuffle somewhere. It's from last year.
Ref counting error reported by Parakleta in github ticket #51. Thanks!
ok jsing@, beck@
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libssl/src/ssl/ssl_lib.c | 11 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_lib.c | 11 |
2 files changed, 6 insertions, 16 deletions
diff --git a/src/lib/libssl/src/ssl/ssl_lib.c b/src/lib/libssl/src/ssl/ssl_lib.c index b772f5f810..0b094e8db6 100644 --- a/src/lib/libssl/src/ssl/ssl_lib.c +++ b/src/lib/libssl/src/ssl/ssl_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_lib.c,v 1.112 2015/09/12 19:45:16 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_lib.c,v 1.113 2015/10/03 06:47:32 doug Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -359,15 +359,10 @@ SSL_new(SSL_CTX *ctx) | |||
| 359 | 359 | ||
| 360 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data); | 360 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data); |
| 361 | 361 | ||
| 362 | |||
| 363 | return (s); | 362 | return (s); |
| 363 | |||
| 364 | err: | 364 | err: |
| 365 | if (s != NULL) { | 365 | SSL_free(s); |
| 366 | if (s->cert != NULL) | ||
| 367 | ssl_cert_free(s->cert); | ||
| 368 | SSL_CTX_free(s->ctx); /* decrement reference count */ | ||
| 369 | free(s); | ||
| 370 | } | ||
| 371 | SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE); | 366 | SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE); |
| 372 | return (NULL); | 367 | return (NULL); |
| 373 | } | 368 | } |
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c index b772f5f810..0b094e8db6 100644 --- a/src/lib/libssl/ssl_lib.c +++ b/src/lib/libssl/ssl_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_lib.c,v 1.112 2015/09/12 19:45:16 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_lib.c,v 1.113 2015/10/03 06:47:32 doug Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -359,15 +359,10 @@ SSL_new(SSL_CTX *ctx) | |||
| 359 | 359 | ||
| 360 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data); | 360 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data); |
| 361 | 361 | ||
| 362 | |||
| 363 | return (s); | 362 | return (s); |
| 363 | |||
| 364 | err: | 364 | err: |
| 365 | if (s != NULL) { | 365 | SSL_free(s); |
| 366 | if (s->cert != NULL) | ||
| 367 | ssl_cert_free(s->cert); | ||
| 368 | SSL_CTX_free(s->ctx); /* decrement reference count */ | ||
| 369 | free(s); | ||
| 370 | } | ||
| 371 | SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE); | 366 | SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE); |
| 372 | return (NULL); | 367 | return (NULL); |
| 373 | } | 368 | } |