Fix error handling in SSL_new

author Bernd Edlinger <bernd.edlinger@hotmail.de>

Tue, 24 Oct 2017 14:06:28 +0000 (16:06 +0200)

committer Bernd Edlinger <bernd.edlinger@hotmail.de>

Wed, 25 Oct 2017 15:41:46 +0000 (17:41 +0200)
author Bernd Edlinger <bernd.edlinger@hotmail.de>
Tue, 24 Oct 2017 14:06:28 +0000 (16:06 +0200)
committer Bernd Edlinger <bernd.edlinger@hotmail.de>
Wed, 25 Oct 2017 15:41:46 +0000 (17:41 +0200)
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c

index cefb0ba5f218e6ce7fff54bf3dc18ac58de7feb5..0df69b4da6c1ceb48542f850e78e969094aadb06 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -624,9 +624,13 @@ SSL *SSL_new(SSL_CTX *ctx)
      if (s == NULL)
          goto err;
  
+    s->references = 1;
      s->lock = CRYPTO_THREAD_lock_new();
-    if (s->lock == NULL)
+    if (s->lock == NULL) {
+        OPENSSL_free(s);
+        s = NULL;
          goto err;
+    }
  
      /*
       * If not using the standard RAND (say for fuzzing), then don't use a
@@ -639,10 +643,8 @@ SSL *SSL_new(SSL_CTX *ctx)
          if (s->drbg == NULL
              || RAND_DRBG_instantiate(s->drbg,
                                       (const unsigned char *) SSL_version_str,
-                                     sizeof(SSL_version_str) - 1) == 0) {
-            CRYPTO_THREAD_lock_free(s->lock);
+                                     sizeof(SSL_version_str) - 1) == 0)
              goto err;
-        }
      }
  
      RECORD_LAYER_init(&s->rlayer, s);
@@ -653,7 +655,6 @@ SSL *SSL_new(SSL_CTX *ctx)
      s->max_proto_version = ctx->max_proto_version;
      s->mode = ctx->mode;
      s->max_cert_list = ctx->max_cert_list;
-    s->references = 1;
      s->max_early_data = ctx->max_early_data;
  
      /*
author	Bernd Edlinger <bernd.edlinger@hotmail.de>
	Tue, 24 Oct 2017 14:06:28 +0000 (16:06 +0200)
committer	Bernd Edlinger <bernd.edlinger@hotmail.de>
	Wed, 25 Oct 2017 15:41:46 +0000 (17:41 +0200)