From: Pascal Cuoq <cuoq@trust-in-soft.com>
Date: Sun, 22 Nov 2015 23:13:15 +0000 (+0100)
Subject: ssl3_free(): Return if it wasn't created
X-Git-Tag: OpenSSL_1_1_0-pre1~170
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=a60c151a7d478b74ae88186aca251d17b84a1e2f;p=oweals%2Fopenssl.git

ssl3_free(): Return if it wasn't created

If somewhere in SSL_new() there is a memory allocation failure, ssl3_free() can
get called with s->s3 still being NULL.

Patch also provided by Willy Tarreau <wtarreau@haproxy.com>

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Viktor Dukhovni <openssl-users@dukhovni.org>
---

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index f40b143793..5ad9863121 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3880,7 +3880,7 @@ int ssl3_new(SSL *s)
 
 void ssl3_free(SSL *s)
 {
-    if (s == NULL)
+    if (s == NULL || s->s3 == NULL)
         return;
 
     ssl3_cleanup_key_block(s);