mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-20 07:23:54 +08:00
Code Issues Packages Projects Releases Wiki Activity

Ensure that memory allocated for the ticket is freed

Browse Source 
If a call to EVP_DecryptUpdate fails then a memory leak could occur.
Ensure that the memory is freed appropriately.

Issue reported by Guido Vranken.

Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Matt Caswell 2016-03-15 11:38:56 +00:00
parent ffe9150b15
commit d1247df266
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ssl/t1_lib.c
View File

@ -3162,6 +3162,7 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick,
if (sdec == NULL if (sdec == NULL
|| EVP_DecryptUpdate(ctx, sdec, &slen, p, eticklen) <= 0) { || EVP_DecryptUpdate(ctx, sdec, &slen, p, eticklen) <= 0) {
EVP_CIPHER_CTX_free(ctx); EVP_CIPHER_CTX_free(ctx);
OPENSSL_free(sdec);
return -1; return -1;
} }
if (EVP_DecryptFinal(ctx, sdec + slen, &mlen) <= 0) { if (EVP_DecryptFinal(ctx, sdec + slen, &mlen) <= 0) {