tls_decrypt_ticket(): memory leak and uncleaned EVP_CIPHER_CTX upon error.

author: miod <miod@openbsd.org> 2014-05-26 20:11:27 +0000
committer: miod <miod@openbsd.org> 2014-05-26 20:11:27 +0000
commit: 2897fd1de6bb853834d300605cac79eae550a3f6 (patch)
tree: 6e85294685c4850b5bd0bafcd7218961ec25f083 /lib/libssl/t1_lib.c
parent: remove /usr/src. avoids useless whining from daily security mail. (diff)
download: wireguard-openbsd-2897fd1de6bb853834d300605cac79eae550a3f6.tar.xz
wireguard-openbsd-2897fd1de6bb853834d300605cac79eae550a3f6.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/lib/libssl/t1_lib.c b/lib/libssl/t1_lib.c
index 0ea9ce752d2..99298c1791c 100644
--- a/lib/libssl/t1_lib.c
+++ b/lib/libssl/t1_lib.c
@@ -2133,8 +2133,11 @@ tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen,
 		return -1;
 	}
 	EVP_DecryptUpdate(&ctx, sdec, &slen, p, eticklen);
-	if (EVP_DecryptFinal(&ctx, sdec + slen, &mlen) <= 0)
+	if (EVP_DecryptFinal(&ctx, sdec + slen, &mlen) <= 0) {
+		free(sdec);
+		EVP_CIPHER_CTX_cleanup(&ctx);
 		return 2;
+	}
 	slen += mlen;
 	EVP_CIPHER_CTX_cleanup(&ctx);
 	p = sdec;
author	miod <miod@openbsd.org>	2014-05-26 20:11:27 +0000
committer	miod <miod@openbsd.org>	2014-05-26 20:11:27 +0000
commit	2897fd1de6bb853834d300605cac79eae550a3f6 (patch)
tree	6e85294685c4850b5bd0bafcd7218961ec25f083 /lib/libssl/t1_lib.c
parent	remove /usr/src. avoids useless whining from daily security mail. (diff)
download	wireguard-openbsd-2897fd1de6bb853834d300605cac79eae550a3f6.tar.xz wireguard-openbsd-2897fd1de6bb853834d300605cac79eae550a3f6.zip