From d701c9aec910de55c58da1094229538440c6e9be Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Wed, 26 Feb 2014 17:54:07 +0100
Subject: [PATCH] Fix memory leak in server with expired tickets

---
 ChangeLog         | 2 ++
 library/ssl_srv.c | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 591a91ce3..2dd0c284c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -39,6 +39,8 @@ Bugfix
    send() would return an EAGAIN error when sending the ticket.
    * ssl_cache was leaking memory when reusing a timed out entry containing a
    client certificate.
+   * ssl_srv was leaking memory when client presented a timed out ticket
+   containing a client certificate
 
 = PolarSSL 1.3.4 released on 2014-01-27
 Features
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 99f72564f..85490502f 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -310,7 +310,7 @@ static int ssl_parse_ticket( ssl_context *ssl,
     if( ( ret = ssl_load_session( &session, ticket, clear_len ) ) != 0 )
     {
         SSL_DEBUG_MSG( 1, ( "failed to parse ticket content" ) );
-        memset( &session, 0, sizeof( ssl_session ) );
+        ssl_session_free( &session );
         return( ret );
     }
 
@@ -319,7 +319,7 @@ static int ssl_parse_ticket( ssl_context *ssl,
     if( (int) ( time( NULL) - session.start ) > ssl->ticket_lifetime )
     {
         SSL_DEBUG_MSG( 1, ( "session ticket expired" ) );
-        memset( &session, 0, sizeof( ssl_session ) );
+        ssl_session_free( &session );
         return( POLARSSL_ERR_SSL_SESSION_TICKET_EXPIRED );
     }
 #endif