From df177ba72881f6fa479614bc306034da5e81065f Mon Sep 17 00:00:00 2001
From: Paul Bakker <p.j.bakker@polarssl.org>
Date: Wed, 11 Sep 2013 11:45:41 +0200
Subject: [PATCH] Fixed potential memory leak when failing to resume a session

Conflicts:
	ChangeLog
	library/ssl_tls.c
---
 ChangeLog         | 3 +++
 library/ssl_tls.c | 7 +++++++
 2 files changed, 10 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 9e8eb0ba7..60ef749bc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,9 @@
 PolarSSL ChangeLog
 
 = Branch 1.1
+Bugfix
+   * Fixed potential memory leak when failing to resume a session
+
 Security
    * Potential buffer-overflow for ssl_read_record() (independently found by
      both TrustInSoft and Paul Brodeur of Leviathan Security Group)
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index a5d1cb144..73a6604c3 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1444,6 +1444,13 @@ int ssl_parse_certificate( ssl_context *ssl )
         return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE );
     }
 
+    /* In case we tried to reuse a session but it failed */
+    if( ssl->peer_cert != NULL )
+    {
+        x509_free( ssl->peer_cert );
+        free( ssl->peer_cert );
+    }
+
     if( ( ssl->peer_cert = (x509_cert *) malloc(
                     sizeof( x509_cert ) ) ) == NULL )
     {