Fix a memory leak on free

Forgot to free the CRYPTO_REF when freeing a token

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26517)

diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
index 0f11ab69144b15f148adac01a69db2a8595f40b2..7810335430b6cb7ccdb1b5011a254ae2fd81fc47 100644 (file)
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@@ -4819,7 +4819,10 @@ static QUIC_TOKEN *ossl_quic_build_new_token(BIO_ADDR *peer, uint8_t *token,
     addrptr = (uint8_t *)(portptr + 1);
     *famptr = family;
     *portptr = port;
-    BIO_ADDR_rawaddress(peer, addrptr, NULL);
+    if (!BIO_ADDR_rawaddress(peer, addrptr, NULL)) {
+        ossl_quic_free_peer_token((QTOK *)new_token);
+        return NULL;
+    }
     if (token != NULL)
         memcpy(new_token->token, token, token_len);
     return new_token;
@@ -4892,6 +4895,7 @@ void ossl_quic_free_peer_token(QTOK *token)
     if (refs > 0)
         return;
 
+    CRYPTO_FREE_REF(&tok->references);
     OPENSSL_free(tok);
 }