diff options
author | Matt Caswell <matt@openssl.org> | 2015-05-21 14:06:52 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-05-22 08:08:45 +0100 |
commit | 6b41b3f5eacc6b1bb851c9dce22d6e893f32ea7d (patch) | |
tree | 6ff560441aeed681a5e56e30b3974fa90d6d9271 /ssl/record/ssl3_buffer.c | |
parent | 3a752c85ee38a92d7777b8fe1cce2e54bf619529 (diff) |
Fix a memory leak in compression
The function RECORD_LAYER_clear() is supposed to clear the contents of the
RECORD_LAYER structure, but retain certain data such as buffers that are
allocated. Unfortunately one buffer (for compression) got missed and was
inadvertently being wiped, thus causing a memory leak.
In part this is due to the fact that RECORD_LAYER_clear() was reaching
inside SSL3_BUFFERs and SSL3_RECORDs, which it really shouldn't. So, I've
rewritten it to only clear the data it knows about, and to defer clearing
of SSL3_RECORD and SSL3_BUFFER structures to SSL_RECORD_clear() and the
new function SSL3_BUFFER_clear().
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'ssl/record/ssl3_buffer.c')
-rw-r--r-- | ssl/record/ssl3_buffer.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/ssl/record/ssl3_buffer.c b/ssl/record/ssl3_buffer.c index 5a8d34c6fb..66fb721b1d 100644 --- a/ssl/record/ssl3_buffer.c +++ b/ssl/record/ssl3_buffer.c @@ -120,6 +120,19 @@ void SSL3_BUFFER_set_data(SSL3_BUFFER *b, const unsigned char *d, int n) b->offset = 0; } +/* + * Clear the contents of an SSL3_BUFFER but retain any memory allocated + */ +void SSL3_BUFFER_clear(SSL3_BUFFER *b) +{ + unsigned char *buf = b->buf; + size_t len = b->len; + + memset(b, 0, sizeof(*b)); + b->buf = buf; + b->len = len; +} + void SSL3_BUFFER_release(SSL3_BUFFER *b) { OPENSSL_free(b->buf); |