OpenSSL: Fix memory leak on error path

If SSL_CTX_new() fails in tls_init(), the per-SSL app-data allocation could have been leaked when multiple TLS instances are allocated. Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-26 12:02:50 +03:00 · 2013-10-26 12:02:50 +03:00 · a288da61b6
commit a288da61b6
parent 6cb4f11dba
1 changed files with 4 additions and 2 deletions
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@ -784,11 +784,13 @@ void * tls_init(const struct tls_config *conf)
 	ssl = SSL_CTX_new(TLSv1_method());
 	if (ssl == NULL) {
 		tls_openssl_ref_count--;
+#ifdef OPENSSL_SUPPORTS_CTX_APP_DATA
+		if (context != tls_global)
+			os_free(context);
+#endif /* OPENSSL_SUPPORTS_CTX_APP_DATA */
 		if (tls_openssl_ref_count == 0) {
 			os_free(tls_global);
 			tls_global = NULL;
-		} else if (context != tls_global) {
-			os_free(context);
 		}
 		return NULL;
 	}