Commit 9529419d authored by Matt Caswell's avatar Matt Caswell
Browse files

Fix a memory leak in the ClientHello extension parsing 



We should be freeing up the raw extension data after we've finished with it.

Reviewed-by: default avatarKurt Roeckx <kurt@openssl.org>
Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
parent 4bfe1432

ssl/statem/statem_srvr.c

+4 −0
Original line number Diff line number Diff line
@@ -907,6 +907,8 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt) 
     * structure.

     */



    memset(&clienthello, 0, sizeof(clienthello));



    clienthello.isv2 = RECORD_LAYER_is_sslv2_record(&s->rlayer);



    PACKET_null_init(&cookie);
@@ -1423,6 +1425,7 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt) 
    }



    sk_SSL_CIPHER_free(ciphers);

    OPENSSL_free(clienthello.pre_proc_exts);

    return MSG_PROCESS_CONTINUE_PROCESSING;

 f_err:

    ssl3_send_alert(s, SSL3_AL_FATAL, al);
@@ -1430,6 +1433,7 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt) 
    ossl_statem_set_error(s);



    sk_SSL_CIPHER_free(ciphers);

    OPENSSL_free(clienthello.pre_proc_exts);

    return MSG_PROCESS_ERROR;



}