diff options
author | Jeeban Sethi <jeeban@Jeebans-MacBook-Air.local> | 2023-02-21 21:31:43 +0530 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2023-02-23 20:07:35 +1100 |
commit | 7fed5193d242938d9ac5a0c1cb32b22b33379a06 (patch) | |
tree | 662267d7addcc27abbc581da4f769f2f21f57653 | |
parent | 0c9646ec373e7f3f9b07f218a348ecb82219eaa7 (diff) |
Fixes #20278: Fixed double free bug in crypto/http/http_client.c
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20351)
-rw-r--r-- | crypto/http/http_client.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/crypto/http/http_client.c b/crypto/http/http_client.c index b955e5242d..ee0403eee1 100644 --- a/crypto/http/http_client.c +++ b/crypto/http/http_client.c @@ -1176,7 +1176,7 @@ BIO *OSSL_HTTP_get(const char *url, const char *proxy, const char *no_proxy, char *port; char *path; int use_ssl; - OSSL_HTTP_REQ_CTX *rctx; + OSSL_HTTP_REQ_CTX *rctx = NULL; BIO *resp = NULL; time_t max_time = timeout > 0 ? time(NULL) + timeout : 0; @@ -1202,10 +1202,12 @@ BIO *OSSL_HTTP_get(const char *url, const char *proxy, const char *no_proxy, NULL /* req */, expected_ct, expect_asn1, max_resp_len, -1 /* use same max time (timeout) */, - 0 /* no keep_alive */)) + 0 /* no keep_alive */)) { OSSL_HTTP_REQ_CTX_free(rctx); - else + rctx = NULL; + } else { resp = OSSL_HTTP_exchange(rctx, &redirection_url); + } } OPENSSL_free(path); if (resp == NULL && redirection_url != NULL) { @@ -1220,6 +1222,7 @@ BIO *OSSL_HTTP_get(const char *url, const char *proxy, const char *no_proxy, OPENSSL_free(host); OPENSSL_free(port); (void)OSSL_HTTP_close(rctx, 1); + rctx = NULL; BIO_free(resp); OPENSSL_free(current_url); return NULL; @@ -1229,6 +1232,7 @@ BIO *OSSL_HTTP_get(const char *url, const char *proxy, const char *no_proxy, OPENSSL_free(host); OPENSSL_free(port); (void)OSSL_HTTP_close(rctx, 1); + rctx = NULL; continue; } /* if redirection not allowed, ignore it */ @@ -1238,6 +1242,7 @@ BIO *OSSL_HTTP_get(const char *url, const char *proxy, const char *no_proxy, OPENSSL_free(port); if (!OSSL_HTTP_close(rctx, resp != NULL)) { BIO_free(resp); + rctx = NULL; resp = NULL; } break; |