From 3d6504a935928a5b58295a57226ae634d906b4e6 Mon Sep 17 00:00:00 2001
From: Paul Bakker <p.j.bakker@polarssl.org>
Date: Mon, 17 Mar 2014 13:41:51 +0100
Subject: [PATCH] ssl_init() left a dirty in_ctr pointer on failed allocation
 of out_ctr

---
 ChangeLog         | 2 ++
 library/ssl_tls.c | 3 ++-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index 0667d2348..1708dd362 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -43,6 +43,8 @@ Bugfix
    client certificate.
    * ssl_srv was leaking memory when client presented a timed out ticket
    containing a client certificate
+   * ssl_init() was leaving a dirty pointer in ssl_context if malloc of
+     out_ctr failed
 
 = PolarSSL 1.3.4 released on 2014-01-27
 Features
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 20cb9bdc7..3fd6e341a 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3427,7 +3427,8 @@ int ssl_init( ssl_context *ssl )
     if( ssl->out_ctr == NULL )
     {
         SSL_DEBUG_MSG( 1, ( "malloc(%d bytes) failed", len ) );
-        polarssl_free( ssl-> in_ctr );
+        polarssl_free( ssl->in_ctr );
+        ssl->in_ctr = NULL;
         return( POLARSSL_ERR_SSL_MALLOC_FAILED );
     }