diff options
author | Daniel Stenberg <daniel@haxx.se> | 2020-11-30 17:36:42 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2020-12-01 08:03:47 +0100 |
commit | 2d4d012a49a058ed886ef95cd91b412a98002006 (patch) | |
tree | 1537899f6f7a8be6dac89a2222145e7067ad35d5 /lib/vtls | |
parent | 0d75bf9ae99f62ac5aab46cd281fd5a7e0760a69 (diff) | |
download | curl-2d4d012a49a058ed886ef95cd91b412a98002006.tar.gz |
openssl: free mem_buf in error path
To fix a memory-leak.
Closes #6267
Diffstat (limited to 'lib/vtls')
-rw-r--r-- | lib/vtls/openssl.c | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 8309bc405..04bf0c15a 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -2731,33 +2731,33 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) if(ssl_cert || ssl_cert_blob || ssl_cert_type) { BIO *ssl_cert_bio = NULL; BIO *ssl_key_bio = NULL; - int result_cert_stuff; if(ssl_cert_blob) { /* the typecast of blob->len is fine since it is guaranteed to never be larger than CURL_MAX_INPUT_LENGTH */ ssl_cert_bio = BIO_new_mem_buf(ssl_cert_blob->data, (int)ssl_cert_blob->len); if(!ssl_cert_bio) - return CURLE_SSL_CERTPROBLEM; + result = CURLE_OUT_OF_MEMORY; } - if(SSL_SET_OPTION(key_blob)) { + if(!result && SSL_SET_OPTION(key_blob)) { ssl_key_bio = BIO_new_mem_buf(SSL_SET_OPTION(key_blob)->data, (int)SSL_SET_OPTION(key_blob)->len); if(!ssl_key_bio) - return CURLE_SSL_CERTPROBLEM; + result = CURLE_OUT_OF_MEMORY; } - result_cert_stuff = cert_stuff(conn, backend->ctx, + if(!result && + !cert_stuff(conn, backend->ctx, ssl_cert, ssl_cert_bio, ssl_cert_type, SSL_SET_OPTION(key), ssl_key_bio, - SSL_SET_OPTION(key_type), SSL_SET_OPTION(key_passwd)); + SSL_SET_OPTION(key_type), SSL_SET_OPTION(key_passwd))) + result = CURLE_SSL_CERTPROBLEM; if(ssl_cert_bio) BIO_free(ssl_cert_bio); if(ssl_key_bio) BIO_free(ssl_key_bio); - if(!result_cert_stuff) { + if(result) /* failf() is already done in cert_stuff() */ - return CURLE_SSL_CERTPROBLEM; - } + return result; } ciphers = SSL_CONN_CONFIG(cipher_list); |