diff options
| author | Matt Caswell <matt@openssl.org> | 2023-08-16 13:15:07 +0200 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2023-08-17 21:35:53 +0200 |
| commit | 0577dbad0709f1b3717297420069c6160245e74d (patch) | |
| tree | e8ed2dc97afa5f22f52b618646bd264db0e94106 /ssl/record | |
| parent | Add X509_STORE_CTX_set_get_crl and X509_STORE_CTX_set_current_reasons (diff) | |
| download | openssl-0577dbad0709f1b3717297420069c6160245e74d.tar.xz openssl-0577dbad0709f1b3717297420069c6160245e74d.zip | |
Fix a memory leak in tls_new_record_layer
If setting the crypto state has failed then memory might have been
partially allocated to fields within the partially constructed record
layer. We need to call tls_int_free() to properly free it.
Found by the reproducible error patch in openssl#21668
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21753)
Diffstat (limited to 'ssl/record')
| -rw-r--r-- | ssl/record/methods/tls_common.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/record/methods/tls_common.c b/ssl/record/methods/tls_common.c index 4cfeddca43..505e133161 100644 --- a/ssl/record/methods/tls_common.c +++ b/ssl/record/methods/tls_common.c @@ -1411,7 +1411,7 @@ tls_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers, err: if (ret != OSSL_RECORD_RETURN_SUCCESS) { - OPENSSL_free(*retrl); + tls_int_free(*retrl); *retrl = NULL; } return ret; |