authorNikos Mavrogiannopoulos <nmav@gnutls.org>2014-05-09 19:50:57 +0200
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2014-05-09 19:50:57 +0200
commit7db47af0a7679a3db474fd6afb55c390f20e8dce (patch)
treeffa5e3bc9769537297306e8d8369c3235997b1ca /lib/auth
parent391ec5ec61a6e735a1b8c38bffa3c26170e117e4 (diff)
downloadgnutls-7db47af0a7679a3db474fd6afb55c390f20e8dce.tar.gz
Addressed memory leaks in DHE and ECDHE rehandshakes.
The memory leak was uncovered by the Codenomicon TLS suite.
Diffstat (limited to 'lib/auth')
-rw-r--r--lib/auth/dh_common.c6
-rw-r--r--lib/auth/ecdhe.c10
2 files changed, 16 insertions, 0 deletions
diff --git a/lib/auth/dh_common.c b/lib/auth/dh_common.c
index 54a47bd8ba..4508fa3fff 100644
--- a/lib/auth/dh_common.c
+++ b/lib/auth/dh_common.c
@@ -178,6 +178,9 @@ _gnutls_gen_dh_common_client_kx_int(gnutls_session_t session,
int _gnutls_set_dh_pk_params(gnutls_session_t session, bigint_t g, bigint_t p,
unsigned q_bits)
{
+ /* just in case we are resuming a session */
+ gnutls_pk_params_release(&session->key.dh_params);
+
gnutls_pk_params_init(&session->key.dh_params);
session->key.dh_params.params[DH_G] = _gnutls_mpi_copy(g);
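Review bot: The comment added at the top of _gnutls_set_dh_pk_params says "resuming a session", but the commit message describes the leak as happening on rehandshake; these are different TLS mechanisms, so the comment misstates when the release matters. I would word it as `/* a rehandshake reuses this session: free the previous handshake's DH parameters before re-initialising */`. The same comment is repeated in _gnutls_proc_dh_common_server_kx and in both ecdhe.c hunks, and should be changed there too (with "ECDH" in ecdhe.c). The function body continues outside the hunk.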
@@ -210,6 +213,9 @@ _gnutls_proc_dh_common_server_kx(gnutls_session_t session,
int i, bits, ret, p_bits;
ssize_t data_size = _data_size;
+ /* just in case we are resuming a session */
+ gnutls_pk_params_release(&session->key.dh_params);
+
gnutls_pk_params_init(&session->key.dh_params);
i = 0;
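Review bot: In _gnutls_proc_dh_common_server_kx the new gnutls_pk_params_release() runs before the only visible gnutls_pk_params_init(), so on a session's first handshake it is handed a structure that this function has not yet initialised. That is safe only if session->key is zero-filled when the session is created, which this hunk does not show; otherwise release would act on indeterminate contents. After confirming it, I would record the invariant next to the call, e.g. `/* session->key is zeroed at session creation, so this is a no-op on the first handshake */`. The same release-before-init ordering appears in _gnutls_set_dh_pk_params and in both ecdhe.c hunks. The function body continues outside the hunk.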
diff --git a/lib/auth/ecdhe.c b/lib/auth/ecdhe.c
index cdd87f7780..ad6c6c2e99 100644
--- a/lib/auth/ecdhe.c
+++ b/lib/auth/ecdhe.c
@@ -274,6 +274,11 @@ _gnutls_proc_ecdh_common_server_kx(gnutls_session_t session,
gnutls_ecc_curve_t curve;
ssize_t data_size = _data_size;
+ /* just in case we are resuming a session */
+ gnutls_pk_params_release(&session->key.ecdh_params);
+
+ gnutls_pk_params_init(&session->key.ecdh_params);
+
i = 0;
DECR_LEN(data_size, 1);
if (data[i++] != 3)
@@ -380,6 +385,11 @@ gen_ecdhe_server_kx(gnutls_session_t session, gnutls_buffer_st * data)
return ret;
}
+ /* just in case we are resuming a session */
+ gnutls_pk_params_release(&session->key.ecdh_params);
+
+ gnutls_pk_params_init(&session->key.ecdh_params);
+
ret =
_gnutls_ecdh_common_print_server_kx(session, data,
_gnutls_session_ecc_curve_get
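Review bot: The release added in gen_ecdhe_server_kx frees what is presumably the previous handshake's ephemeral ECDH key, and nothing in the hunk shows whether gnutls_pk_params_release() wipes the private value before freeing it. An ephemeral private key left readable in freed heap memory weakens the forward secrecy that ECDHE is chosen for, so confirm that release zeroises the secret, or clear it explicitly before this call. Once confirmed, a comment such as `/* the previous ephemeral key is wiped and freed before a new one is generated */` would make that guarantee reviewable. The same question applies to the dh_params releases in dh_common.c and to _gnutls_proc_ecdh_common_server_kx. The function starts and ends outside the hunk.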