From a784665e52735f77a64d01216d7535834278c27c Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Tue, 28 Jul 2015 16:04:53 +0100 Subject: [PATCH] Free and cleanse pms on error Reviewed-by: Matt Caswell --- ssl/s3_lib.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 2954b58c03..0fc08819ca 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -4966,8 +4966,10 @@ int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen, pskpmslen = 4 + pmslen + psklen; pskpms = OPENSSL_malloc(pskpmslen); - if (pskpms == NULL) - return 0; + if (pskpms == NULL) { + s->session->master_key_length = 0; + goto err; + } t = pskpms; s2n(pmslen, t); if (alg_k & SSL_kPSK) @@ -4991,6 +4993,8 @@ int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen, s->method->ssl3_enc->generate_master_secret(s, s->session->master_key, pms, pmslen); + + err: if (pms) { if (free_pms) OPENSSL_clear_free(pms, pmslen); -- 2.25.1