diff options
author | Matt Caswell <matt@openssl.org> | 2020-02-12 11:55:30 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-02-13 14:25:32 +0000 |
commit | 0618b62ca2a9c5fb7bf8421deabaee240c709040 (patch) | |
tree | 101fb0013ad8f64a75d38ecb773a4a0e7b43b229 /ssl | |
parent | 06e62984c1e7cee5e50211dfb9a89d5095799133 (diff) |
Fix a mem leak in libssl
Make sure we free up any ENGINE references after we have finished using
them.
Fixes #11064
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11070)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/ssl_lib.c | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 08fcd83ea7..23101954ec 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -5849,12 +5849,17 @@ const EVP_CIPHER *ssl_evp_cipher_fetch(OPENSSL_CTX *libctx, const char *properties) { #ifndef OPENSSL_NO_ENGINE + ENGINE *eng; + /* * If there is an Engine available for this cipher we use the "implicit" * form to ensure we use that engine later. */ - if (ENGINE_get_cipher_engine(nid) != NULL) + eng = ENGINE_get_cipher_engine(nid); + if (eng != NULL) { + ENGINE_finish(eng); return EVP_get_cipherbynid(nid); + } #endif /* Otherwise we do an explicit fetch */ @@ -5894,12 +5899,17 @@ const EVP_MD *ssl_evp_md_fetch(OPENSSL_CTX *libctx, const char *properties) { #ifndef OPENSSL_NO_ENGINE + ENGINE *eng; + /* * If there is an Engine available for this digest we use the "implicit" * form to ensure we use that engine later. */ - if (ENGINE_get_digest_engine(nid) != NULL) + eng = ENGINE_get_digest_engine(nid); + if (eng != NULL) { + ENGINE_finish(eng); return EVP_get_digestbynid(nid); + } #endif /* Otherwise we do an explicit fetch */ |