[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

yang.yang at baishancloud.com yang.yang at baishancloud.com
Thu Aug 30 02:02:24 UTC 2018 

The branch OpenSSL_1_1_0-stable has been updated
       via  eeee521637702fa7bee89cb598fe9b1ba7ff0f60 (commit)
      from  73bebc17a14da5278b01416b39e5c28a7d0c1861 (commit)


- Log -----------------------------------------------------------------
commit eeee521637702fa7bee89cb598fe9b1ba7ff0f60
Author: Matt Caswell <matt at openssl.org>
Date:   Mon Aug 27 15:04:28 2018 +0100

    Free SSL object on an error path
    
    Thanks to @fangang190 for reporting this
    
    Fixes #7061
    
    Reviewed-by: Paul Yang <yang.yang at baishancloud.com>
    (Merged from https://github.com/openssl/openssl/pull/7065)

-----------------------------------------------------------------------

Summary of changes:
 apps/s_server.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/apps/s_server.c b/apps/s_server.c
index e8aa323..8629833 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -2660,8 +2660,10 @@ static int www_body(int s, int stype, unsigned char *context)
 
     if (context
         && !SSL_set_session_id_context(con, context,
-                                       strlen((char *)context)))
+                                       strlen((char *)context))) {
+        SSL_free(con);
         goto err;
+    }
 
     sbio = BIO_new_socket(s, BIO_NOCLOSE);
     if (s_nbio_test) {
@@ -2673,7 +2675,7 @@ static int www_body(int s, int stype, unsigned char *context)
     SSL_set_bio(con, sbio, sbio);
     SSL_set_accept_state(con);
 
-    /* SSL_set_fd(con,s); */
+    /* No need to free |con| after this. Done by BIO_free(ssl_bio) */
     BIO_set_ssl(ssl_bio, con, BIO_CLOSE);
     BIO_push(io, ssl_bio);
 #ifdef CHARSET_EBCDIC
@@ -3030,6 +3032,7 @@ static int rev_body(int s, int stype, unsigned char *context)
     if (context
         && !SSL_set_session_id_context(con, context,
                                        strlen((char *)context))) {
+        SSL_free(con);
         ERR_print_errors(bio_err);
         goto err;
     }
@@ -3038,6 +3041,7 @@ static int rev_body(int s, int stype, unsigned char *context)
     SSL_set_bio(con, sbio, sbio);
     SSL_set_accept_state(con);
 
+    /* No need to free |con| after this. Done by BIO_free(ssl_bio) */
     BIO_set_ssl(ssl_bio, con, BIO_CLOSE);
     BIO_push(io, ssl_bio);
 #ifdef CHARSET_EBCDIC

More information about the openssl-commits mailing list