Commit e6b10c34 authored by Bernd Edlinger's avatar Bernd Edlinger
Browse files

Fix error handling in SSL_new 



Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4580)
parent fe6fcd31

ssl/ssl_lib.c

+6 −5
Original line number Diff line number Diff line
@@ -624,9 +624,13 @@ SSL *SSL_new(SSL_CTX *ctx) 
    if (s == NULL)

        goto err;



    s->references = 1;

    s->lock = CRYPTO_THREAD_lock_new();

    if (s->lock == NULL)

    if (s->lock == NULL) {

        OPENSSL_free(s);

        s = NULL;

        goto err;

    }



    /*

     * If not using the standard RAND (say for fuzzing), then don't use a
@@ -639,11 +643,9 @@ SSL *SSL_new(SSL_CTX *ctx) 
        if (s->drbg == NULL

            || RAND_DRBG_instantiate(s->drbg,

                                     (const unsigned char *) SSL_version_str,

                                     sizeof(SSL_version_str) - 1) == 0) {

            CRYPTO_THREAD_lock_free(s->lock);

                                     sizeof(SSL_version_str) - 1) == 0)

            goto err;

    }

    }



    RECORD_LAYER_init(&s->rlayer, s);
@@ -653,7 +655,6 @@ SSL *SSL_new(SSL_CTX *ctx) 
    s->max_proto_version = ctx->max_proto_version;

    s->mode = ctx->mode;

    s->max_cert_list = ctx->max_cert_list;

    s->references = 1;

    s->max_early_data = ctx->max_early_data;



    /*