LADI
/
openssl
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix a potential memory leak in apps/s_server.c 

Allocate memory for a new SSL session.
If any of these steps fail,
free the key memory and the tmpsess object
before returning 0 to prevent a memory leak.

Fixes: #20110

CLA: trivial

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/20213)

(cherry picked from commit 8e2552b1ea)
(cherry picked from commit 4cfae921af)
This commit is contained in:
besher 2023-02-05 00:08:14 +01:00 committed by Todd Short
parent d21c59efc0
commit 82d4f93780
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
apps/s_server.c
View File

@ -229,6 +229,7 @@ static int psk_find_session_cb(SSL *ssl, const unsigned char *identity,
|| !SSL_SESSION_set_cipher(tmpsess, cipher)
|| !SSL_SESSION_set_protocol_version(tmpsess, SSL_version(ssl))) {
OPENSSL_free(key);
SSL_SESSION_free(tmpsess);
return 0;
}
OPENSSL_free(key);