diff options
author | Benjamin Kaduk <bkaduk@akamai.com> | 2017-08-09 12:19:06 -0500 |
---|---|---|
committer | Benjamin Kaduk <kaduk@mit.edu> | 2017-08-09 13:50:02 -0500 |
commit | 3cb6a4d6d66d566937c08d2d3fc933275e70f73e (patch) | |
tree | a434de842024582a4216baafd7d628a4490a5dcd | |
parent | 8d50b9c15ae5d4eb4318ff6ea105526a691f162c (diff) |
Fix memory leak in session cache test
When we are using the internal cache we have to make a copy of the
session before removing it from the parent context's cache, since
we want our copy to still be resumable. However, SSL_CTX_remove_session()
just detaches the session from the SSL_CTX; it does not free the session.
So, we must call SSL_SESSION_free() ourselves before overwriting the
variable that we dup'd from.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4126)
-rw-r--r-- | test/sslapitest.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/test/sslapitest.c b/test/sslapitest.c index e44e9c1f4d..f7b0ad8dc1 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -992,10 +992,12 @@ static int execute_test_session(int maxprot, int use_int_cache, * the external cache. We take a copy first because * SSL_CTX_remove_session() also marks the session as non-resumable. */ - if (use_int_cache - && (!TEST_ptr(tmp = SSL_SESSION_dup(sess2)) - || !TEST_true(SSL_CTX_remove_session(sctx, sess2)))) - goto end; + if (use_int_cache) { + if (!TEST_ptr(tmp = SSL_SESSION_dup(sess2)) + || !TEST_true(SSL_CTX_remove_session(sctx, sess2))) + goto end; + SSL_SESSION_free(sess2); + } sess2 = tmp; } |