From c849c6d9d3bf806fecfe0c16eaa55d361979ff7f Mon Sep 17 00:00:00 2001
From: Todd Short
Date: Tue, 22 Dec 2015 11:49:36 -0500
Subject: [PATCH] Memory leak in state machine in error path

When EC is disabled, and an error occurs in ssl_generate_master_secret() or RAND_bytes(), the error path does not free rsa_decrypt.

RT#4197

Reviewed-by: Richard Levitte
Reviewed-by: Matt Caswell
---
 ssl/statem/statem_srvr.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 0e6f0d03dd..79254b5248 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -2620,8 +2620,8 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
 #endif
 #ifndef OPENSSL_NO_EC
 EVP_PKEY_free(ckey);
- OPENSSL_free(rsa_decrypt);
 #endif
+ OPENSSL_free(rsa_decrypt);
 #ifndef OPENSSL_NO_PSK
 OPENSSL_clear_free(s->s3->tmp.psk, s->s3->tmp.psklen);
 s->s3->tmp.psk = NULL;
-- 
2.25.1
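Review bot: The now-unconditional `OPENSSL_free(rsa_decrypt);` releases the buffer without wiping it, while the PSK two lines below is released with `OPENSSL_clear_free(s->s3->tmp.psk, s->s3->tmp.psklen);`. If rsa_decrypt holds the RSA-decrypted pre-master secret, as its name and the commit message suggest, it is key material and should be scrubbed on this path as well, e.g. `OPENSSL_clear_free(rsa_decrypt, <allocated length>);` with the length taken from the allocation site, which is outside this hunk. It is also worth confirming that the declaration of rsa_decrypt is not itself inside an `#ifndef OPENSSL_NO_RSA` block, since the free is now compiled in every configuration. The body of tls_process_client_key_exchange() starts and ends outside the hunk, so both points need checking against the full function.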