[openssl-commits] [openssl] master update
kaduk at mit.edu
kaduk at mit.edu
Wed Aug 9 18:50:12 UTC 2017
The branch master has been updated
via 3cb6a4d6d66d566937c08d2d3fc933275e70f73e (commit)
from 8d50b9c15ae5d4eb4318ff6ea105526a691f162c (commit)
- Log -----------------------------------------------------------------
commit 3cb6a4d6d66d566937c08d2d3fc933275e70f73e
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date: Wed Aug 9 12:19:06 2017 -0500
Fix memory leak in session cache test
When we are using the internal cache we have to make a copy of the
session before removing it from the parent context's cache, since
we want our copy to still be resumable. However, SSL_CTX_remove_session()
just detaches the session from the SSL_CTX; it does not free the session.
So, we must call SSL_SESSION_free() ourselves before overwriting the
variable that we dup'd from.
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4126)
-----------------------------------------------------------------------
Summary of changes:
test/sslapitest.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/test/sslapitest.c b/test/sslapitest.c
index e44e9c1..f7b0ad8 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -992,10 +992,12 @@ static int execute_test_session(int maxprot, int use_int_cache,
* the external cache. We take a copy first because
* SSL_CTX_remove_session() also marks the session as non-resumable.
*/
- if (use_int_cache
- && (!TEST_ptr(tmp = SSL_SESSION_dup(sess2))
- || !TEST_true(SSL_CTX_remove_session(sctx, sess2))))
- goto end;
+ if (use_int_cache) {
+ if (!TEST_ptr(tmp = SSL_SESSION_dup(sess2))
+ || !TEST_true(SSL_CTX_remove_session(sctx, sess2)))
+ goto end;
+ SSL_SESSION_free(sess2);
+ }
sess2 = tmp;
}
More information about the openssl-commits
mailing list