From 89917a5c600ca03d6d1e3d97fb95203ebdcdad9b Mon Sep 17 00:00:00 2001
From: Daniel Bathgate <dbathgate@google.com>
Date: Tue, 18 Oct 2016 14:31:02 +0100
Subject: [PATCH] Fix memory leak in set_signing_algorithm_prefs.

If SSL_CTX_set_signing_algorithm_prefs or
SSL_set_signing_algorithm_prefs are
called multiple times for the same cert, the
previous cert->sigalgs will leak.

Free the existing sigalgs before setting a new one.

Change-Id: I73cdb366a8f47d8cc0baae986fd0aa80b60300e2
Reviewed-on: https://boringssl-review.googlesource.com/11640
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
---
 ssl/ssl_rsa.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
index 03f64414..29e5f194 100644
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c
@@ -352,6 +352,8 @@ void SSL_CTX_set_private_key_method(SSL_CTX *ctx,
 
 static int set_signing_algorithm_prefs(CERT *cert, const uint16_t *prefs,
                                        size_t num_prefs) {
+  OPENSSL_free(cert->sigalgs);
+
   cert->num_sigalgs = 0;
   cert->sigalgs = BUF_memdup(prefs, num_prefs * sizeof(prefs[0]));
   if (cert->sigalgs == NULL) {