From 25da47c3c8862cf82fa1e7f32fed9b6c4693ac6e Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Tue, 3 Jul 2012 16:36:10 +0000 Subject: [PATCH] Fix memory leak. Always perform nexproto callback argument initialisation in s_server otherwise we use uninitialised data if -nocert is specified. --- apps/s_client.c | 4 ++++ apps/s_server.c | 31 +++++++++++++++---------------- 2 files changed, 19 insertions(+), 16 deletions(-) diff --git a/apps/s_client.c b/apps/s_client.c index 95d23e8608..374998f3c9 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -1890,6 +1890,10 @@ end: print_stuff(bio_c_out,con,1); SSL_free(con); } +#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) + if (next_proto.data) + OPENSSL_free(next_proto.data); +#endif if (ctx != NULL) SSL_CTX_free(ctx); if (cert) X509_free(cert); diff --git a/apps/s_server.c b/apps/s_server.c index 7125afafc3..f15cd20914 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -1431,25 +1431,24 @@ bad: goto end; } } - -# ifndef OPENSSL_NO_NEXTPROTONEG - if (next_proto_neg_in) - { - unsigned short len; - next_proto.data = next_protos_parse(&len, - next_proto_neg_in); - if (next_proto.data == NULL) - goto end; - next_proto.len = len; - } - else - { - next_proto.data = NULL; - } -# endif #endif } +#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) + if (next_proto_neg_in) + { + unsigned short len; + next_proto.data = next_protos_parse(&len, next_proto_neg_in); + if (next_proto.data == NULL) + goto end; + next_proto.len = len; + } + else + { + next_proto.data = NULL; + } +#endif + if (s_dcert_file) { -- 2.25.1