From 8c6a2a37bbe7fb3c2080270df7e1551be4a841d7 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Sun, 29 Jan 2017 18:51:35 +0200 Subject: [PATCH] Fix resource leak when using mutex and ssl_cookie When using ssl_cookie with MBEDTLS_THREADING_C, fix a resource leak caused by initiating a mutex in mbedtls_ssl_cookie_free instead of freeing it. Raised and fix suggested by lan Gillingham in the mbed TLS forum Tracked in #771 --- ChangeLog | 3 +++ library/ssl_cookie.c | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 79d9505b3..4eee33ddb 100644 --- a/ChangeLog +++ b/ChangeLog @@ -3,6 +3,7 @@ mbed TLS ChangeLog (Sorted per branch, date) = mbed TLS x.x.x branch released xxxx-xx-xx Bugfix +<<<<<<< HEAD * Fix the redefinition of macro ssl_set_bio to an undefined symbol mbedtls_ssl_set_bio_timeout in compat-1.3.h, by removing it. Found by omlib-lin. #673 @@ -17,6 +18,8 @@ Bugfix * Fixed the templates used to generate project and solution files for Visual Studio 2015 as well as the files themselves, to remove a build warning generated in Visual Studio 2015. Reported by Steve Valliere. #742 + * Fix a resource leak in ssl_cookie, when using MBEDTLS_THREADING_C. + Raised and fix suggested by Alan Gillingham in the mbed TLS forum. #771 = mbed TLS 2.4.1 branch released 2016-12-13 diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index 9fb32de7a..caf119990 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -98,7 +98,7 @@ void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx ) mbedtls_md_free( &ctx->hmac_ctx ); #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init( &ctx->mutex ); + mbedtls_mutex_free( &ctx->mutex ); #endif mbedtls_zeroize( ctx, sizeof( mbedtls_ssl_cookie_ctx ) );