add a fix from OpenSSL CVS for SA38200.

"Modify compression code so it avoids using ex_data free functions.
This stops applications that call CRYPTO_free_all_ex_data()
prematurely leaking memory."

looks ok to markus@

1 files changed, 7 insertions, 10 deletions

diff --git a/lib/libssl/src/crypto/comp/c_zlib.c b/lib/libssl/src/crypto/comp/c_zlib.c
index eccfd091378..8df7792c50b 100644
--- a/lib/libssl/src/crypto/comp/c_zlib.c
+++ b/lib/libssl/src/crypto/comp/c_zlib.c
@@ -136,15 +136,6 @@ struct zlib_state
 
 static int zlib_stateful_ex_idx = -1;
 
-static void zlib_stateful_free_ex_data(void *obj, void *item,
-	CRYPTO_EX_DATA *ad, int ind,long argl, void *argp)
-	{
-	struct zlib_state *state = (struct zlib_state *)item;
-	inflateEnd(&state->istream);
-	deflateEnd(&state->ostream);
-	OPENSSL_free(state);
-	}
-
 static int zlib_stateful_init(COMP_CTX *ctx)
 	{
 	int err;
@@ -188,6 +179,12 @@ static int zlib_stateful_init(COMP_CTX *ctx)
 
 static void zlib_stateful_finish(COMP_CTX *ctx)
 	{
+	struct zlib_state *state =
+		(struct zlib_state *)CRYPTO_get_ex_data(&ctx->ex_data,
+			zlib_stateful_ex_idx);
+	inflateEnd(&state->istream);
+	deflateEnd(&state->ostream);
+	OPENSSL_free(state);
 	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_COMP,ctx,&ctx->ex_data);
 	}
 
@@ -402,7 +399,7 @@ COMP_METHOD *COMP_zlib(void)
 			if (zlib_stateful_ex_idx == -1)
 				zlib_stateful_ex_idx =
 					CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_COMP,
-						0,NULL,NULL,NULL,zlib_stateful_free_ex_data);
+						0,NULL,NULL,NULL,NULL);
 			CRYPTO_w_unlock(CRYPTO_LOCK_COMP);
 			if (zlib_stateful_ex_idx == -1)
 				goto err;