kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix memory leak on failure.

Browse Source 
Match the server logic to the client state machine and free if BUF_MEM_grow
fails.

Change-Id: I1a249f7b8c222cd710e969e17a1cba1f469f73e3
This commit is contained in:
David Benjamin 2014-12-12 15:50:29 -05:00 committed by Adam Langley
parent 1f48fba861
commit 63c55a8e35
3 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ssl/d1_srvr.c
View File

@ -130,7 +130,7 @@ static int dtls1_send_hello_verify_request(SSL *s);
int dtls1_accept(SSL *s) int dtls1_accept(SSL *s)
{ {
BUF_MEM *buf; BUF_MEM *buf = NULL;
void (*cb)(const SSL *ssl,int type,int val)=NULL; void (*cb)(const SSL *ssl,int type,int val)=NULL;
unsigned long alg_a; unsigned long alg_a;
int ret= -1; int ret= -1;
@ -184,6 +184,7 @@ int dtls1_accept(SSL *s)
goto end; goto end;
} }
s->init_buf=buf; s->init_buf=buf;
buf = NULL;
} }
if (!ssl3_setup_buffers(s)) if (!ssl3_setup_buffers(s))
@ -588,7 +589,8 @@ end:
/* BIO_flush(s->wbio); */ /* BIO_flush(s->wbio); */
s->in_handshake--; s->in_handshake--;
if (buf != NULL)
BUF_MEM_free(buf);
if (cb != NULL) if (cb != NULL)
cb(s,SSL_CB_ACCEPT_EXIT,ret); cb(s,SSL_CB_ACCEPT_EXIT,ret);
return(ret); return(ret);

5
ssl/s23_srvr.c
View File

@ -123,7 +123,7 @@ static int ssl23_get_v2_client_hello(SSL *s);
int ssl23_accept(SSL *s) int ssl23_accept(SSL *s)
{ {
BUF_MEM *buf; BUF_MEM *buf = NULL;
void (*cb)(const SSL *ssl,int type,int val)=NULL; void (*cb)(const SSL *ssl,int type,int val)=NULL;
int ret= -1; int ret= -1;
int new_state,state; int new_state,state;
@ -166,6 +166,7 @@ int ssl23_accept(SSL *s)
goto end; goto end;
} }
s->init_buf=buf; s->init_buf=buf;
buf = NULL;
} }
if (!ssl3_init_finished_mac(s)) if (!ssl3_init_finished_mac(s))
@ -229,6 +230,8 @@ int ssl23_accept(SSL *s)
} }
end: end:
s->in_handshake--; s->in_handshake--;
if (buf != NULL)
BUF_MEM_free(buf);
if (cb != NULL) if (cb != NULL)
cb(s,SSL_CB_ACCEPT_EXIT,ret); cb(s,SSL_CB_ACCEPT_EXIT,ret);
return(ret); return(ret);

5
ssl/s3_srvr.c
View File

@ -174,7 +174,7 @@
int ssl3_accept(SSL *s) int ssl3_accept(SSL *s)
{ {
BUF_MEM *buf; BUF_MEM *buf = NULL;
unsigned long alg_a; unsigned long alg_a;
void (*cb)(const SSL *ssl,int type,int val)=NULL; void (*cb)(const SSL *ssl,int type,int val)=NULL;
int ret= -1; int ret= -1;
@ -228,6 +228,7 @@ int ssl3_accept(SSL *s)
goto end; goto end;
} }
s->init_buf=buf; s->init_buf=buf;
buf = NULL;
} }
if (!ssl3_setup_buffers(s)) if (!ssl3_setup_buffers(s))
@ -666,6 +667,8 @@ end:
/* BIO_flush(s->wbio); */ /* BIO_flush(s->wbio); */
s->in_handshake--; s->in_handshake--;
if (buf != NULL)
BUF_MEM_free(buf);
if (cb != NULL) if (cb != NULL)
cb(s,SSL_CB_ACCEPT_EXIT,ret); cb(s,SSL_CB_ACCEPT_EXIT,ret);
return(ret); return(ret);