summaryrefslogtreecommitdiff
path: root/lib/vtls
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2020-11-30 17:36:42 +0100
committerDaniel Stenberg <daniel@haxx.se>2020-12-01 08:03:47 +0100
commit2d4d012a49a058ed886ef95cd91b412a98002006 (patch)
tree1537899f6f7a8be6dac89a2222145e7067ad35d5 /lib/vtls
parent0d75bf9ae99f62ac5aab46cd281fd5a7e0760a69 (diff)
downloadcurl-2d4d012a49a058ed886ef95cd91b412a98002006.tar.gz
openssl: free mem_buf in error path
To fix a memory-leak. Closes #6267
Diffstat (limited to 'lib/vtls')
-rw-r--r--lib/vtls/openssl.c18
1 files changed, 9 insertions, 9 deletions
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 8309bc405..04bf0c15a 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -2731,33 +2731,33 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
if(ssl_cert || ssl_cert_blob || ssl_cert_type) {
BIO *ssl_cert_bio = NULL;
BIO *ssl_key_bio = NULL;
- int result_cert_stuff;
if(ssl_cert_blob) {
/* the typecast of blob->len is fine since it is guaranteed to never be
larger than CURL_MAX_INPUT_LENGTH */
ssl_cert_bio = BIO_new_mem_buf(ssl_cert_blob->data,
(int)ssl_cert_blob->len);
if(!ssl_cert_bio)
- return CURLE_SSL_CERTPROBLEM;
+ result = CURLE_OUT_OF_MEMORY;
}
- if(SSL_SET_OPTION(key_blob)) {
+ if(!result && SSL_SET_OPTION(key_blob)) {
ssl_key_bio = BIO_new_mem_buf(SSL_SET_OPTION(key_blob)->data,
(int)SSL_SET_OPTION(key_blob)->len);
if(!ssl_key_bio)
- return CURLE_SSL_CERTPROBLEM;
+ result = CURLE_OUT_OF_MEMORY;
}
- result_cert_stuff = cert_stuff(conn, backend->ctx,
+ if(!result &&
+ !cert_stuff(conn, backend->ctx,
ssl_cert, ssl_cert_bio, ssl_cert_type,
SSL_SET_OPTION(key), ssl_key_bio,
- SSL_SET_OPTION(key_type), SSL_SET_OPTION(key_passwd));
+ SSL_SET_OPTION(key_type), SSL_SET_OPTION(key_passwd)))
+ result = CURLE_SSL_CERTPROBLEM;
if(ssl_cert_bio)
BIO_free(ssl_cert_bio);
if(ssl_key_bio)
BIO_free(ssl_key_bio);
- if(!result_cert_stuff) {
+ if(result)
/* failf() is already done in cert_stuff() */
- return CURLE_SSL_CERTPROBLEM;
- }
+ return result;
}
ciphers = SSL_CONN_CONFIG(cipher_list);