OpenSSL: Fix memory leak on error path

If SSL_CTX_new() fails in tls_init(), the per-SSL app-data allocation
could have been leaked when multiple TLS instances are allocated.

Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen 2013-10-26 12:02:50 +03:00
parent 6cb4f11dba
commit a288da61b6


@ -784,11 +784,13 @@ void * tls_init(const struct tls_config *conf)
ssl = SSL_CTX_new(TLSv1_method()); ssl = SSL_CTX_new(TLSv1_method());
if (ssl == NULL) { if (ssl == NULL) {
tls_openssl_ref_count--; tls_openssl_ref_count--;
#ifdef OPENSSL_SUPPORTS_CTX_APP_DATA
if (context != tls_global)
os_free(context);
#endif /* OPENSSL_SUPPORTS_CTX_APP_DATA */
if (tls_openssl_ref_count == 0) { if (tls_openssl_ref_count == 0) {
os_free(tls_global); os_free(tls_global);
tls_global = NULL; tls_global = NULL;
} else if (context != tls_global) {
os_free(context);
} }
return NULL; return NULL;
} }
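Review bot: The added `if (context != tls_global) os_free(context);` is only correct because it runs before `tls_global = NULL;` a few lines further down, and nothing in the code records that dependency. If the two were later reordered, the comparison would be made against NULL, and a `context` that aliases `tls_global` would be freed a second time. I would put a comment above the `#ifdef`, for example `/* Free the per-instance context first: the comparison needs tls_global to still be set. */`. The allocation of `context` is outside this hunk (tls_init starts and ends beyond it), so I am assuming it is either `tls_global` itself or a separate heap allocation made under the same `OPENSSL_SUPPORTS_CTX_APP_DATA` guard; it is worth confirming that it is always initialised by this point when the macro is defined.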