diff options
author | Bob Beck <beck@cvs.openbsd.org> | 2021-10-24 09:15:01 +0000 |
---|---|---|
committer | Bob Beck <beck@cvs.openbsd.org> | 2021-10-24 09:15:01 +0000 |
commit | b5e78de76e1bbf095dd4636f474d7d0111a9bf48 (patch) | |
tree | 146f215b5e805b441c22b7f9cba95920148e507a | |
parent | cd65bbdb91c53d70ad2d1a41b7024618b15cb031 (diff) |
Don't leak internal->verfied_chain, clean it up in ssl3_clear and free.
spotted by and ok jsing@
-rw-r--r-- | lib/libssl/s3_lib.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c index e78b70f0d81..8a96a2cdefd 100644 --- a/lib/libssl/s3_lib.c +++ b/lib/libssl/s3_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_lib.c,v 1.215 2021/09/08 12:56:14 tb Exp $ */ +/* $OpenBSD: s3_lib.c,v 1.216 2021/10/24 09:15:00 beck Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1574,6 +1574,7 @@ ssl3_free(SSL *s) tls13_clienthello_hash_clear(&S3I(s)->hs.tls13); sk_X509_NAME_pop_free(S3I(s)->hs.tls12.ca_names, X509_NAME_free); + sk_X509_pop_free(s->internal->verified_chain, X509_free); tls1_transcript_free(s); tls1_transcript_hash_free(s); @@ -1595,6 +1596,8 @@ ssl3_clear(SSL *s) tls1_cleanup_key_block(s); sk_X509_NAME_pop_free(S3I(s)->hs.tls12.ca_names, X509_NAME_free); + sk_X509_pop_free(s->internal->verified_chain, X509_free); + s->internal->verified_chain = NULL; DH_free(S3I(s)->tmp.dh); S3I(s)->tmp.dh = NULL; |