1 files changed, 24 insertions, 11 deletions
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index 7eb192eb2c..d9e5166cdd 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.125 2017/01/21 04:16:49 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.126 2017/01/22 03:50:45 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -274,10 +274,15 @@ SSL_new(SSL_CTX *ctx)
                return (NULL);
        }
-        s = calloc(1, sizeof(SSL));
+        if ((s = calloc(1, sizeof(*s))) == NULL) {
-        if (s == NULL)
+                SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
-                goto err;
+                return (NULL);
+        }
+        if ((s->internal = calloc(1, sizeof(*s->internal))) == NULL) {
+                free(s);
+                SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
+                return (NULL);
+        }
        s->options = ctx->options;
        s->mode = ctx->mode;
@@ -361,7 +366,7 @@ SSL_new(SSL_CTX *ctx)
        return (s);
-err:
+ err:
        SSL_free(s);
        SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
        return (NULL);
@@ -549,7 +554,6 @@ SSL_free(SSL *s)
        SSL_CTX_free(s->ctx);
        free(s->next_proto_negotiated);
        free(s->alpn_client_proto_list);
@@ -558,6 +562,7 @@ SSL_free(SSL *s)
                sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
 #endif
+        free(s->internal);
        free(s);
 }
@@ -1792,21 +1797,28 @@ ssl_session_LHASH_COMP(const void *arg1, const void *arg2)
 SSL_CTX *
 SSL_CTX_new(const SSL_METHOD *meth)
 {
-        SSL_CTX *ret = NULL;
+        SSL_CTX *ret;
        if (meth == NULL) {
                SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_NULL_SSL_METHOD_PASSED);
                return (NULL);
        }
+        if ((ret = calloc(1, sizeof(*ret))) == NULL) {
+                SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);
+                return (NULL);
+        }
+        if ((ret->internal = calloc(1, sizeof(*ret->internal))) == NULL) {
+                free(ret);
+                SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);
+                return (NULL);
+        }
        if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
                SSLerr(SSL_F_SSL_CTX_NEW,
                    SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
                goto err;
        }
-        ret = calloc(1, sizeof(SSL_CTX));
-        if (ret == NULL)
-                goto err;
        ret->method = meth;
@@ -1993,6 +2005,7 @@ SSL_CTX_free(SSL_CTX *a)
        free(a->alpn_client_proto_list);
+        free(a->internal);
        free(a);
 }

diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c index 7eb192eb2c..d9e5166cdd 100644 --- a/src/lib/libssl/ssl_lib.c +++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_lib.c,v 1.125 2017/01/21 04:16:49 jsing Exp $ */	1	/* $OpenBSD: ssl_lib.c,v 1.126 2017/01/22 03:50:45 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -274,10 +274,15 @@ SSL_new(SSL_CTX *ctx)
274	return (NULL);	274	return (NULL);
275	}	275	}
276		276
277	s = calloc(1, sizeof(SSL));	277	if ((s = calloc(1, sizeof(*s))) == NULL) {
278	if (s == NULL)	278	SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
279	goto err;	279	return (NULL);
280		280	}
		281	if ((s->internal = calloc(1, sizeof(*s->internal))) == NULL) {
		282	free(s);
		283	SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
		284	return (NULL);
		285	}
281		286
282	s->options = ctx->options;	287	s->options = ctx->options;
283	s->mode = ctx->mode;	288	s->mode = ctx->mode;
@@ -361,7 +366,7 @@ SSL_new(SSL_CTX *ctx)
361		366
362	return (s);	367	return (s);
363		368
364	err:	369	err:
365	SSL_free(s);	370	SSL_free(s);
366	SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);	371	SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
367	return (NULL);	372	return (NULL);
@@ -549,7 +554,6 @@ SSL_free(SSL *s)
549		554
550	SSL_CTX_free(s->ctx);	555	SSL_CTX_free(s->ctx);
551		556
552
553	free(s->next_proto_negotiated);	557	free(s->next_proto_negotiated);
554	free(s->alpn_client_proto_list);	558	free(s->alpn_client_proto_list);
555		559
@@ -558,6 +562,7 @@ SSL_free(SSL *s)
558	sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);	562	sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
559	#endif	563	#endif
560		564
		565	free(s->internal);
561	free(s);	566	free(s);
562	}	567	}
563		568
@@ -1792,21 +1797,28 @@ ssl_session_LHASH_COMP(const void arg1, const void arg2)
1792	SSL_CTX *	1797	SSL_CTX *
1793	SSL_CTX_new(const SSL_METHOD *meth)	1798	SSL_CTX_new(const SSL_METHOD *meth)
1794	{	1799	{
1795	SSL_CTX *ret = NULL;	1800	SSL_CTX *ret;
1796		1801
1797	if (meth == NULL) {	1802	if (meth == NULL) {
1798	SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_NULL_SSL_METHOD_PASSED);	1803	SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_NULL_SSL_METHOD_PASSED);
1799	return (NULL);	1804	return (NULL);
1800	}	1805	}
1801		1806
		1807	if ((ret = calloc(1, sizeof(*ret))) == NULL) {
		1808	SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);
		1809	return (NULL);
		1810	}
		1811	if ((ret->internal = calloc(1, sizeof(*ret->internal))) == NULL) {
		1812	free(ret);
		1813	SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);
		1814	return (NULL);
		1815	}
		1816
1802	if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {	1817	if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
1803	SSLerr(SSL_F_SSL_CTX_NEW,	1818	SSLerr(SSL_F_SSL_CTX_NEW,
1804	SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);	1819	SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
1805	goto err;	1820	goto err;
1806	}	1821	}
1807	ret = calloc(1, sizeof(SSL_CTX));
1808	if (ret == NULL)
1809	goto err;
1810		1822
1811	ret->method = meth;	1823	ret->method = meth;
1812		1824
@@ -1993,6 +2005,7 @@ SSL_CTX_free(SSL_CTX *a)
1993		2005
1994	free(a->alpn_client_proto_list);	2006	free(a->alpn_client_proto_list);
1995		2007
		2008	free(a->internal);
1996	free(a);	2009	free(a);
1997	}	2010	}
1998		2011