[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Fri Mar 18 11:55:41 UTC 2016
The branch master has been updated
via d1247df266130561c9f1ab46a905ab04888ef6d9 (commit)
from ffe9150b1508a0ffc9e724f975691f24eb045c05 (commit)
- Log -----------------------------------------------------------------
commit d1247df266130561c9f1ab46a905ab04888ef6d9
Author: Matt Caswell <matt at openssl.org>
Date: Tue Mar 15 11:38:56 2016 +0000
Ensure that memory allocated for the ticket is freed
If a call to EVP_DecryptUpdate fails then a memory leak could occur.
Ensure that the memory is freed appropriately.
Issue reported by Guido Vranken.
Reviewed-by: Richard Levitte <levitte at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
ssl/t1_lib.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 8f5342b..fc7ebe4 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -3162,6 +3162,7 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick,
if (sdec == NULL
|| EVP_DecryptUpdate(ctx, sdec, &slen, p, eticklen) <= 0) {
EVP_CIPHER_CTX_free(ctx);
+ OPENSSL_free(sdec);
return -1;
}
if (EVP_DecryptFinal(ctx, sdec + slen, &mlen) <= 0) {
More information about the openssl-commits
mailing list