[openssl] master update

Dr. Paul Dale pauli at openssl.org
Tue Oct 6 22:57:14 UTC 2020 

The branch master has been updated
       via  a21db568bf3d0ab4194fd3e0917ee982f1fc8bfd (commit)
       via  8ad369171fc2b435c0ca427111481da4d4c3c1ce (commit)
      from  c5fc6754b7ab60a53b5c19e08a719d5001fa4d49 (commit)


- Log -----------------------------------------------------------------
commit a21db568bf3d0ab4194fd3e0917ee982f1fc8bfd
Author: Benny Baumann <BenBE at geshi.org>
Date:   Fri Oct 2 01:06:12 2020 +0200

    Avoid memory leak of parent on allocation failure for child structure
    
    Reviewed-by: Ben Kaduk <kaduk at mit.edu>
    Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/13055)

commit 8ad369171fc2b435c0ca427111481da4d4c3c1ce
Author: Benny Baumann <BenBE at geshi.org>
Date:   Fri Oct 2 01:04:06 2020 +0200

    Use size of target buffer for allocation
    
    Reviewed-by: Ben Kaduk <kaduk at mit.edu>
    Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/13055)

-----------------------------------------------------------------------

Summary of changes:
 apps/cms.c     | 6 ++++--
 ssl/ssl_sess.c | 2 +-
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/apps/cms.c b/apps/cms.c
index 9312c37fc2..91d951980d 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -647,9 +647,11 @@ int cms_main(int argc, char **argv)
             if (key_param == NULL || key_param->idx != keyidx) {
                 cms_key_param *nparam;
                 nparam = app_malloc(sizeof(*nparam), "key param buffer");
-                nparam->idx = keyidx;
-                if ((nparam->param = sk_OPENSSL_STRING_new_null()) == NULL)
+                if ((nparam->param = sk_OPENSSL_STRING_new_null()) == NULL) {
+                    OPENSSL_free(nparam);
                     goto end;
+                }
+                nparam->idx = keyidx;
                 nparam->next = NULL;
                 if (key_first == NULL)
                     key_first = nparam;
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 83fc149cfd..4c4fc80023 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -110,7 +110,7 @@ SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket)
 {
     SSL_SESSION *dest;
 
-    dest = OPENSSL_malloc(sizeof(*src));
+    dest = OPENSSL_malloc(sizeof(*dest));
     if (dest == NULL) {
         goto err;
     }

More information about the openssl-commits mailing list