apps/s_server.c: free ECH storage in ech_load_dir() on return
authorEugene Syromiatnikov <esyr@openssl.org>
Mon, 23 Feb 2026 03:18:17 +0000 (04:18 +0100)
committerTomas Mraz <tomas@openssl.org>
Wed, 25 Feb 2026 11:10:23 +0000 (12:10 +0100)
The ECH storage is to be freed on both error and success paths,
as it is copied by SSL_CTX_set1_echstore().

Resolves: https://scan5.scan.coverity.com/#/project-view/65248/10222?selectedIssue=1681454
Fixes: a2e5848d9d11 "s_client and s_server options for ECH"
Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Wed Feb 25 11:10:38 2026
(Merged from https://github.com/openssl/openssl/pull/30139)

apps/s_server.c

index 615a9df7473e474456ba2670f1cd74b9c6ca51ba..07717e75377709264402cd2f3688b5126651517e 100644 (file)
@@ -1574,6 +1574,7 @@ static int ech_load_dir(SSL_CTX *lctx, const char *thedir,
     OSSL_ECHSTORE *es = NULL;
     BIO *in = NULL;
     int loaded = 0;
+    int ret = 0;
 
     /*
      * If you change the output to bio_s_out here you may
@@ -1624,13 +1625,18 @@ static int ech_load_dir(SSL_CTX *lctx, const char *thedir,
     }
     if (SSL_CTX_set1_echstore(lctx, es) != 1) {
         BIO_puts(bio_err, "ECH: Internal error\n");
-        return 0;
+        goto end;
     }
     if (bio_s_out != NULL)
         BIO_printf(bio_s_out, "Added %d ECH key pairs from: %s\n",
             loaded, thedir);
     *nloaded = loaded;
-    return 1;
+    ret = 1;
+
+end:
+    OSSL_ECHSTORE_free(es);
+
+    return ret;
 }
 #endif
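Review bot: Only the two exits visible in this hunk are routed through `end:`, so any `return` in the part of ech_load_dir() between the two hunks (not shown here) that runs after `es` has been allocated would still skip `OSSL_ECHSTORE_free(es)`. Those paths should be checked and converted to `goto end;` as well. `in` is declared beside `es` but is not released at the label; if it can still be open on an early exit, `BIO_free(in);` belongs there too, and it is safe on NULL. Since freeing on the success path looks surprising at first read, a comment at the label would help, e.g. `/* SSL_CTX_set1_echstore() copies the store, so es is always ours to free */`.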