From: Matt Caswell Date: Mon, 27 Aug 2018 14:04:28 +0000 (+0100) Subject: Free SSL object on an error path X-Git-Tag: OpenSSL_1_1_0j~63 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=eeee521637702fa7bee89cb598fe9b1ba7ff0f60;p=oweals%2Fopenssl.git Free SSL object on an error path Thanks to @fangang190 for reporting this Fixes #7061 Reviewed-by: Paul Yang (Merged from https://github.com/openssl/openssl/pull/7065) --- diff --git a/apps/s_server.c b/apps/s_server.c index e8aa323a4f..86298334bd 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -2660,8 +2660,10 @@ static int www_body(int s, int stype, unsigned char *context) if (context && !SSL_set_session_id_context(con, context, - strlen((char *)context))) + strlen((char *)context))) { + SSL_free(con); goto err; + } sbio = BIO_new_socket(s, BIO_NOCLOSE); if (s_nbio_test) { @@ -2673,7 +2675,7 @@ static int www_body(int s, int stype, unsigned char *context) SSL_set_bio(con, sbio, sbio); SSL_set_accept_state(con); - /* SSL_set_fd(con,s); */ + /* No need to free |con| after this. Done by BIO_free(ssl_bio) */ BIO_set_ssl(ssl_bio, con, BIO_CLOSE); BIO_push(io, ssl_bio); #ifdef CHARSET_EBCDIC @@ -3030,6 +3032,7 @@ static int rev_body(int s, int stype, unsigned char *context) if (context && !SSL_set_session_id_context(con, context, strlen((char *)context))) { + SSL_free(con); ERR_print_errors(bio_err); goto err; } @@ -3038,6 +3041,7 @@ static int rev_body(int s, int stype, unsigned char *context) SSL_set_bio(con, sbio, sbio); SSL_set_accept_state(con); + /* No need to free |con| after this. Done by BIO_free(ssl_bio) */ BIO_set_ssl(ssl_bio, con, BIO_CLOSE); BIO_push(io, ssl_bio); #ifdef CHARSET_EBCDIC