diff options
author | Jeeban Sethi <jeeban@Jeebans-MacBook-Air.local> | 2023-02-21 21:31:43 +0530 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2023-02-23 20:08:16 +1100 |
commit | 849586c7db4740be3c12b320b66c57b2a4527ab9 (patch) | |
tree | 7911480c0c2d3e898e57554198f99adab771470e /crypto/http/http_client.c | |
parent | c344ee0e0f2f90221dbf1eed55a2736eabbd49c9 (diff) |
Fixes #20278: Fixed double free bug in crypto/http/http_client.c
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20351)
(cherry picked from commit 7fed5193d242938d9ac5a0c1cb32b22b33379a06)
Diffstat (limited to 'crypto/http/http_client.c')
-rw-r--r-- | crypto/http/http_client.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/crypto/http/http_client.c b/crypto/http/http_client.c index 0d62f1c7bf..d0b51605ab 100644 --- a/crypto/http/http_client.c +++ b/crypto/http/http_client.c @@ -1122,7 +1122,7 @@ BIO *OSSL_HTTP_get(const char *url, const char *proxy, const char *no_proxy, char *port; char *path; int use_ssl; - OSSL_HTTP_REQ_CTX *rctx; + OSSL_HTTP_REQ_CTX *rctx = NULL; BIO *resp = NULL; time_t max_time = timeout > 0 ? time(NULL) + timeout : 0; @@ -1148,10 +1148,12 @@ BIO *OSSL_HTTP_get(const char *url, const char *proxy, const char *no_proxy, NULL /* req */, expected_ct, expect_asn1, max_resp_len, -1 /* use same max time (timeout) */, - 0 /* no keep_alive */)) + 0 /* no keep_alive */)) { OSSL_HTTP_REQ_CTX_free(rctx); - else + rctx = NULL; + } else { resp = OSSL_HTTP_exchange(rctx, &redirection_url); + } } OPENSSL_free(path); if (resp == NULL && redirection_url != NULL) { @@ -1166,6 +1168,7 @@ BIO *OSSL_HTTP_get(const char *url, const char *proxy, const char *no_proxy, OPENSSL_free(host); OPENSSL_free(port); (void)OSSL_HTTP_close(rctx, 1); + rctx = NULL; BIO_free(resp); OPENSSL_free(current_url); return NULL; @@ -1175,6 +1178,7 @@ BIO *OSSL_HTTP_get(const char *url, const char *proxy, const char *no_proxy, OPENSSL_free(host); OPENSSL_free(port); (void)OSSL_HTTP_close(rctx, 1); + rctx = NULL; continue; } /* if redirection not allowed, ignore it */ @@ -1184,6 +1188,7 @@ BIO *OSSL_HTTP_get(const char *url, const char *proxy, const char *no_proxy, OPENSSL_free(port); if (!OSSL_HTTP_close(rctx, resp != NULL)) { BIO_free(resp); + rctx = NULL; resp = NULL; } break; |