From dd2516596867cce7586b47406c010d63ba73f289 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Tue, 3 Jul 2012 16:37:50 +0000 Subject: [PATCH] Fix memory leak. Always perform nexproto callback argument initialisation in s_server otherwise we use uninitialised data if -nocert is specified. --- apps/s_client.c | 4 ++++ apps/s_server.c | 31 +++++++++++++++---------------- 2 files changed, 19 insertions(+), 16 deletions(-) diff --git a/apps/s_client.c b/apps/s_client.c index a8383626fa..ef798e8c08 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -1965,6 +1965,10 @@ end: print_stuff(bio_c_out,con,1); SSL_free(con); } +#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) + if (next_proto.data) + OPENSSL_free(next_proto.data); +#endif if (ctx != NULL) SSL_CTX_free(ctx); if (cert) X509_free(cert); diff --git a/apps/s_server.c b/apps/s_server.c index 8ea916d6e1..6be2b628a7 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -1518,25 +1518,24 @@ bad: goto end; } } - -# ifndef OPENSSL_NO_NEXTPROTONEG - if (next_proto_neg_in) - { - unsigned short len; - next_proto.data = next_protos_parse(&len, - next_proto_neg_in); - if (next_proto.data == NULL) - goto end; - next_proto.len = len; - } - else - { - next_proto.data = NULL; - } -# endif #endif /* OPENSSL_NO_TLSEXT */ } +#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) + if (next_proto_neg_in) + { + unsigned short len; + next_proto.data = next_protos_parse(&len, next_proto_neg_in); + if (next_proto.data == NULL) + goto end; + next_proto.len = len; + } + else + { + next_proto.data = NULL; + } +#endif + if (s_dcert_file) { -- 2.25.1