summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBob Beck <beck@cvs.openbsd.org>2021-10-24 09:15:01 +0000
committerBob Beck <beck@cvs.openbsd.org>2021-10-24 09:15:01 +0000
commitb5e78de76e1bbf095dd4636f474d7d0111a9bf48 (patch)
tree146f215b5e805b441c22b7f9cba95920148e507a
parentcd65bbdb91c53d70ad2d1a41b7024618b15cb031 (diff)
Don't leak internal->verfied_chain, clean it up in ssl3_clear and free.
spotted by and ok jsing@
-rw-r--r--lib/libssl/s3_lib.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c
index e78b70f0d81..8a96a2cdefd 100644
--- a/lib/libssl/s3_lib.c
+++ b/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.215 2021/09/08 12:56:14 tb Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.216 2021/10/24 09:15:00 beck Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -1574,6 +1574,7 @@ ssl3_free(SSL *s)
tls13_clienthello_hash_clear(&S3I(s)->hs.tls13);
sk_X509_NAME_pop_free(S3I(s)->hs.tls12.ca_names, X509_NAME_free);
+ sk_X509_pop_free(s->internal->verified_chain, X509_free);
tls1_transcript_free(s);
tls1_transcript_hash_free(s);
@@ -1595,6 +1596,8 @@ ssl3_clear(SSL *s)
tls1_cleanup_key_block(s);
sk_X509_NAME_pop_free(S3I(s)->hs.tls12.ca_names, X509_NAME_free);
+ sk_X509_pop_free(s->internal->verified_chain, X509_free);
+ s->internal->verified_chain = NULL;
DH_free(S3I(s)->tmp.dh);
S3I(s)->tmp.dh = NULL;