Fix possible memory leak on error

The two places that call `ossl_ssl_init()` assume that no additional memory has been allocated when this fails; they subsequently free the QUIC_CONNECTION/SSL_CONNECTION via OPENSSL_free() without freeing any other resources. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20316)
author: Todd Short <todd.short@me.com> 2023-02-16 10:56:29 -0500
committer: Todd Short <todd.short@me.com> 2023-02-20 09:34:56 -0500
commit: c10ded8c2c862992c98b83909a679aa0bb448a55 (patch)
tree: df8ba534e090c5d56f654dd17671c04fd934251b /ssl/ssl_lib.c
parent: c400a1fe477b44a5eacbad2be8d50f2eaa92925c (diff)
1 files changed, 6 insertions, 3 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 2549798598..44ba62ffde 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -712,14 +712,17 @@ int ossl_ssl_init(SSL *ssl, SSL_CTX *ctx, const SSL_METHOD *method, int type)
     if (ssl->lock == NULL)
         return 0;
 
+    if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, ssl, &ssl->ex_data)) {
+        CRYPTO_THREAD_lock_free(ssl->lock);
+        ssl->lock = NULL;
+        return 0;
+    }
+
     SSL_CTX_up_ref(ctx);
     ssl->ctx = ctx;
 
     ssl->defltmeth = ssl->method = method;
 
-    if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, ssl, &ssl->ex_data))
-        return 0;
-
     return 1;
 }
author	Todd Short <todd.short@me.com>	2023-02-16 10:56:29 -0500
committer	Todd Short <todd.short@me.com>	2023-02-20 09:34:56 -0500
commit	c10ded8c2c862992c98b83909a679aa0bb448a55 (patch)
tree	df8ba534e090c5d56f654dd17671c04fd934251b /ssl/ssl_lib.c
parent	c400a1fe477b44a5eacbad2be8d50f2eaa92925c (diff)