[openssl] OpenSSL_1_1_1-stable update

kaduk at mit.edu kaduk at mit.edu
Thu Jul 2 00:49:56 UTC 2020


The branch OpenSSL_1_1_1-stable has been updated
       via  bfbf06c4d29086f1c67ed38324a2c4a9f642d291 (commit)
      from  f924b298125010b998b33abd158ac6a057b2bc9d (commit)


- Log -----------------------------------------------------------------
commit bfbf06c4d29086f1c67ed38324a2c4a9f642d291
Author: Miłosz Kaniewski <milosz.kaniewski at gmail.com>
Date:   Tue Jun 30 21:46:38 2020 +0200

    Free pre_proc_exts in SSL_free()
    
    Usually it will be freed in tls_early_post_process_client_hello().
    However if a ClientHello callback will be used and will return
    SSL_CLIENT_HELLO_RETRY then tls_early_post_process_client_hello()
    may never come to the point where pre_proc_exts is freed.
    
    Fixes #12194
    
    CLA: trivial
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    Reviewed-by: Ben Kaduk <kaduk at mit.edu>
    (Merged from https://github.com/openssl/openssl/pull/12330)
    
    (cherry picked from commit 94941cada25433a7dca35b5b9f8cbb751ab65ab3)

-----------------------------------------------------------------------

Summary of changes:
 ssl/ssl_lib.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index f6a4964ed2..433a537969 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1200,6 +1200,8 @@ void SSL_free(SSL *s)
     OPENSSL_free(s->ext.ocsp.resp);
     OPENSSL_free(s->ext.alpn);
     OPENSSL_free(s->ext.tls13_cookie);
+    if (s->clienthello != NULL)
+        OPENSSL_free(s->clienthello->pre_proc_exts);
     OPENSSL_free(s->clienthello);
     OPENSSL_free(s->pha_context);
     EVP_MD_CTX_free(s->pha_dgst);


More information about the openssl-commits mailing list