Don't free the prev BIO prematurely

We shouldn't free the prev BIO in ssl_set_new_record_layer until it is no longer referenced by s->rlayer.rrlnext. Found by the reproducible error patch in #21668 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21741)
author: Matt Caswell <matt@openssl.org> 2023-08-15 15:33:34 +0100
committer: Hugo Landau <hlandau@openssl.org> 2023-08-17 08:06:43 +0100
commit: 92e3f43aec553145b4d4cbb4dbd3df9658a05bb4 (patch)
tree: afe3149698b098f08ca8064a400a82ea84090a37 /ssl/record
parent: e16c0103083af676af8c5564bb21585d4574f992 (diff)
1 files changed, 0 insertions, 1 deletions
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index 2f5a611470..16726019f9 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -1325,7 +1325,6 @@ int ssl_set_new_record_layer(SSL_CONNECTION *s, int version,
                 next = BIO_new(BIO_s_mem());
 
             if (next == NULL) {
-                BIO_free(prev);
                 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
                 return 0;
             }
author	Matt Caswell <matt@openssl.org>	2023-08-15 15:33:34 +0100
committer	Hugo Landau <hlandau@openssl.org>	2023-08-17 08:06:43 +0100
commit	92e3f43aec553145b4d4cbb4dbd3df9658a05bb4 (patch)
tree	afe3149698b098f08ca8064a400a82ea84090a37 /ssl/record
parent	e16c0103083af676af8c5564bb21585d4574f992 (diff)