diff options
author | Peter Kaestle <peter.kaestle@nokia.com> | 2023-02-16 15:02:46 +0100 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2023-03-24 13:40:12 +0100 |
commit | 62ea5ffa7c8882ba90b26ab1deb0d977dcb5165c (patch) | |
tree | 74391e4687976bb6d68a3d3eec6df59f598b33dc /ssl | |
parent | 908ba3ed9adbb3df90f7684a3111ca916a45202d (diff) |
tls1_set_groups_list: freeing *pext before overwriting
calling SSL_CTX_set1_groups_list() twice on one SSL_CTX* caused a memory
leak visible in valgrind:
4 bytes in 1 blocks are definitely lost in loss record 1 of 1
at 0x4841888: malloc (vg_replace_malloc.c:381)
by 0x4B1EE96: CRYPTO_memdup (in libcrypto.so.3)
by 0x48993A0: tls1_set_groups_list (in libssl.so.3)
by 0x487AA7E: ssl3_ctx_ctrl (in libssl.so.3)
by 0x1091EA: main (mem_leak.c:10)
LEAK SUMMARY:
definitely lost: 4 bytes in 1 blocks
Freeing *pext to fix it.
CLA: trivial
Signed-off-by: Peter Kaestle <peter.kaestle@nokia.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20317)
(cherry picked from commit fcf3a9f7c6a10acb2d92f03aec5e45df7dd712d5)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/t1_lib.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 5622532314..7ec8be4c27 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -1076,6 +1076,7 @@ int tls1_set_groups_list(SSL_CTX *ctx, uint16_t **pext, size_t *pextlen, tmparr = OPENSSL_memdup(gcb.gid_arr, gcb.gidcnt * sizeof(*tmparr)); if (tmparr == NULL) goto end; + OPENSSL_free(*pext); *pext = tmparr; *pextlen = gcb.gidcnt; ret = 1; |