diff options
| author | Matt Caswell <matt@openssl.org> | 2016-03-15 11:38:56 +0000 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2016-03-18 11:52:22 +0000 |
| commit | d1247df266130561c9f1ab46a905ab04888ef6d9 (patch) | |
| tree | 9922c884b76ebaf230355b3bcacf20467d31aba3 /ssl | |
| parent | ffe9150b1508a0ffc9e724f975691f24eb045c05 (diff) | |
Ensure that memory allocated for the ticket is freed
If a call to EVP_DecryptUpdate fails then a memory leak could occur.
Ensure that the memory is freed appropriately.
Issue reported by Guido Vranken.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/t1_lib.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 8f5342b39f..fc7ebe41ca 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -3162,6 +3162,7 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, if (sdec == NULL || EVP_DecryptUpdate(ctx, sdec, &slen, p, eticklen) <= 0) { EVP_CIPHER_CTX_free(ctx); + OPENSSL_free(sdec); return -1; } if (EVP_DecryptFinal(ctx, sdec + slen, &mlen) <= 0) { |