From 0299b262cd9c75adab546f4851c03995d98d61e1 Mon Sep 17 00:00:00 2001
From: Daniel Gustafsson <daniel@yesql.se>
Date: Sat, 16 Feb 2019 22:30:31 +0100
Subject: [PATCH 552/557] mbedtls: release sessionid resources on error
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
If mbedtls_ssl_get_session() fails, it may still have allocated
memory that needs to be freed to avoid leaking. Call the library
API function to release session resources on this error path as
well as on Curl_ssl_addsessionid() errors.
Closes: #3574
Reported-by: Michał Antoniak <M.Antoniak@posnet.com>
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
---
lib/vtls/mbedtls.c | 3 +++
1 file changed, 3 insertions(+)
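--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -716,6 +716,8 @@ mbed_connect_step3(struct connectdata *conn,
 
 ret = mbedtls_ssl_get_session(&BACKEND->ssl, our_ssl_sessionid);
 if(ret) {
+ if(ret != MBEDTLS_ERR_SSL_ALLOC_FAILED)
+ mbedtls_ssl_session_free(our_ssl_sessionid);
 free(our_ssl_sessionid);
 failf(data, "mbedtls_ssl_get_session returned -0x%x", -ret);
 return CURLE_SSL_CONNECT_ERROR;
@@ -729,6 +731,7 @@ mbed_connect_step3(struct connectdata *conn,
 retcode = Curl_ssl_addsessionid(conn, our_ssl_sessionid, 0, sockindex);
 Curl_ssl_sessionid_unlock(conn);
 if(retcode) {
+ mbedtls_ssl_session_free(our_ssl_sessionid);
 free(our_ssl_sessionid);
 failf(data, "failed to store ssl session");
 return retcode;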
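Review bot: The `if(ret != MBEDTLS_ERR_SSL_ALLOC_FAILED)` guard in the first hunk has no comment saying why this one error code must skip `mbedtls_ssl_session_free()`, and the commit message does not mention the exception either. Without that, a later cleanup could turn it into an unconditional call, which is presumably unsafe if the library can leave the structure holding pointers it does not own after a failed allocation. I would put the reason above the guard, for example `/* on ALLOC_FAILED the session may reference memory it does not own; do not release it */`, once that has been confirmed against the mbedTLS versions curl supports. It is also worth checking whether that path can hand a buffer that still contains copied session secrets to plain `free()` without wiping it. The body of mbed_connect_step3 starts and ends outside both hunks.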
--
1.8.3.1