Fix a ssl session leak due to OOM in lh_SSL_SESSION_insert

- s == NULL can mean c is a new session *or* lh_insert was unable to create a hash entry. - use lh_SSL_SESSION_retrieve to check for this error condition. - If it happens simply remove the extra reference again. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2138)
author: Bernd Edlinger <bernd.edlinger@hotmail.de> 2016-12-22 20:17:29 +0100
committer: Richard Levitte <levitte@openssl.org> 2017-01-24 15:05:12 +0100
commit: 38088ce9934a90d4aea486edbff864f3935342e6 (patch)
tree: f64492188cd38ec53fb40888227981255ae93bf8 /ssl/ssl_sess.c
parent: c2114afc1622ff0113974b3696e557ea8bf7ffb4 (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 0ea74389c2..c6d5c1247f 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -678,6 +678,15 @@ int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
          * obtain the same session from an external cache)
          */
         s = NULL;
+    } else if (s == NULL &&
+               lh_SSL_SESSION_retrieve(ctx->sessions, c) == NULL) {
+        /* s == NULL can also mean OOM error in lh_SSL_SESSION_insert ... */
+
+        /*
+         * ... so take back the extra reference and also don't add
+         * the session to the SSL_SESSION_list at this time
+         */
+        s = c;
     }
 
     /* Put at the head of the queue unless it is already in the cache */
author	Bernd Edlinger <bernd.edlinger@hotmail.de>	2016-12-22 20:17:29 +0100
committer	Richard Levitte <levitte@openssl.org>	2017-01-24 15:05:12 +0100
commit	38088ce9934a90d4aea486edbff864f3935342e6 (patch)
tree	f64492188cd38ec53fb40888227981255ae93bf8 /ssl/ssl_sess.c
parent	c2114afc1622ff0113974b3696e557ea8bf7ffb4 (diff)