From 6f0636a09f65316c811acea83fe360703c243793 Mon Sep 17 00:00:00 2001
From: Paul Bakker
Date: Mon, 16 Dec 2013 15:24:05 +0100
Subject: [PATCH] Potential memory leak in ssl_ticket_keys_init()
---
ChangeLog | 1 +
library/ssl_tls.c | 9 ++++++++-
2 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/ChangeLog b/ChangeLog
index 84115d495..939024307 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -21,6 +21,7 @@ Bugfix
* SSL now gracefully handles missing RNG
* Missing defines / cases for RSA_PSK key exchange
* crypt_and_hash app checks MAC before final decryption
+ * Potential memory leak in ssl_ticket_keys_init()
= PolarSSL 1.3.2 released on 2013-11-04
Features
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index a903b3e0d..c2f560335 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3449,17 +3449,24 @@ static int ssl_ticket_keys_init( ssl_context *ssl )
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
if( ( ret = ssl->f_rng( ssl->p_rng, tkeys->key_name, 16 ) ) != 0 )
+ {
+ polarssl_free( tkeys );
return( ret );
+ }
if( ( ret = ssl->f_rng( ssl->p_rng, buf, 16 ) ) != 0 ||
( ret = aes_setkey_enc( &tkeys->enc, buf, 128 ) ) != 0 ||
( ret = aes_setkey_dec( &tkeys->dec, buf, 128 ) ) != 0 )
{
- return( ret );
+ polarssl_free( tkeys );
+ return( ret );
}
if( ( ret = ssl->f_rng( ssl->p_rng, tkeys->mac_key, 16 ) ) != 0 )
+ {
+ polarssl_free( tkeys );
return( ret );
+ }
ssl->ticket_keys = tkeys;