Potential memory leak in ssl_ticket_keys_init()

2024-11-22 11:45:42 +01:00 · 2013-12-16 15:24:05 +01:00 · 2013-12-16 15:24:05 +01:00 · 6f0636a09f
commit 6f0636a09f
parent 452f6ba1a6
2 changed files with 9 additions and 1 deletions
--- a/1
+++ b/1
@ -21,6 +21,7 @@ Bugfix
   * SSL now gracefully handles missing RNG
   * Missing defines / cases for RSA_PSK key exchange
   * crypt_and_hash app checks MAC before final decryption
+   * Potential memory leak in ssl_ticket_keys_init()

 = PolarSSL 1.3.2 released on 2013-11-04
 Features
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -3449,17 +3449,24 @@ static int ssl_ticket_keys_init( ssl_context *ssl )
        return( POLARSSL_ERR_SSL_MALLOC_FAILED );

    if( ( ret = ssl->f_rng( ssl->p_rng, tkeys->key_name, 16 ) ) != 0 )
+    {
+        polarssl_free( tkeys );
        return( ret );
+    }

    if( ( ret = ssl->f_rng( ssl->p_rng, buf, 16 ) ) != 0 ||
        ( ret = aes_setkey_enc( &tkeys->enc, buf, 128 ) ) != 0 ||
        ( ret = aes_setkey_dec( &tkeys->dec, buf, 128 ) ) != 0 )
    {
+        polarssl_free( tkeys );
        return( ret );
    }

    if( ( ret = ssl->f_rng( ssl->p_rng, tkeys->mac_key, 16 ) ) != 0 )
+    {
+        polarssl_free( tkeys );
        return( ret );
+    }

    ssl->ticket_keys = tkeys;