From 6f0636a09f65316c811acea83fe360703c243793 Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Mon, 16 Dec 2013 15:24:05 +0100 Subject: [PATCH] Potential memory leak in ssl_ticket_keys_init() --- ChangeLog | 1 + library/ssl_tls.c | 9 ++++++++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 84115d495..939024307 100644 --- a/ChangeLog +++ b/ChangeLog @@ -21,6 +21,7 @@ Bugfix * SSL now gracefully handles missing RNG * Missing defines / cases for RSA_PSK key exchange * crypt_and_hash app checks MAC before final decryption + * Potential memory leak in ssl_ticket_keys_init() = PolarSSL 1.3.2 released on 2013-11-04 Features diff --git a/library/ssl_tls.c b/library/ssl_tls.c index a903b3e0d..c2f560335 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3449,17 +3449,24 @@ static int ssl_ticket_keys_init( ssl_context *ssl ) return( POLARSSL_ERR_SSL_MALLOC_FAILED ); if( ( ret = ssl->f_rng( ssl->p_rng, tkeys->key_name, 16 ) ) != 0 ) + { + polarssl_free( tkeys ); return( ret ); + } if( ( ret = ssl->f_rng( ssl->p_rng, buf, 16 ) ) != 0 || ( ret = aes_setkey_enc( &tkeys->enc, buf, 128 ) ) != 0 || ( ret = aes_setkey_dec( &tkeys->dec, buf, 128 ) ) != 0 ) { - return( ret ); + polarssl_free( tkeys ); + return( ret ); } if( ( ret = ssl->f_rng( ssl->p_rng, tkeys->mac_key, 16 ) ) != 0 ) + { + polarssl_free( tkeys ); return( ret ); + } ssl->ticket_keys = tkeys;