diff options
author | Todd Short <todd.short@me.com> | 2023-02-16 10:56:29 -0500 |
---|---|---|
committer | Todd Short <todd.short@me.com> | 2023-02-20 09:34:56 -0500 |
commit | c10ded8c2c862992c98b83909a679aa0bb448a55 (patch) | |
tree | df8ba534e090c5d56f654dd17671c04fd934251b /ssl | |
parent | c400a1fe477b44a5eacbad2be8d50f2eaa92925c (diff) |
Fix possible memory leak on error
The two places that call `ossl_ssl_init()` assume that no additional
memory has been allocated when this fails; they subsequently free
the QUIC_CONNECTION/SSL_CONNECTION via OPENSSL_free() without freeing
any other resources.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20316)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/ssl_lib.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 2549798598..44ba62ffde 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -712,14 +712,17 @@ int ossl_ssl_init(SSL *ssl, SSL_CTX *ctx, const SSL_METHOD *method, int type) if (ssl->lock == NULL) return 0; + if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, ssl, &ssl->ex_data)) { + CRYPTO_THREAD_lock_free(ssl->lock); + ssl->lock = NULL; + return 0; + } + SSL_CTX_up_ref(ctx); ssl->ctx = ctx; ssl->defltmeth = ssl->method = method; - if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, ssl, &ssl->ex_data)) - return 0; - return 1; } |