Plug memory leak if push is interrupted
authorSteffan Karger <steffan.karger@fox-it.com>
Wed, 17 Jan 2018 13:16:24 +0000 (14:16 +0100)
committerGert Doering <gert@greenie.muc.de>
Thu, 25 Jan 2018 13:26:00 +0000 (14:26 +0100)
If a push is interrupted due to a timeout, c->c2.pulled_options_state is
never freed.  Fix that by always cleaning up any remaining pulled
options state when we close a connection.

This changes the mbedtls implementation of md_ctx_cleanup to actually
clean up the context, which was not needed earlier.

Signed-off-by: Steffan Karger <steffan.karger@fox-it.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1516194984-1540-1-git-send-email-steffan.karger@fox-it.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg16265.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 07036fd3c456ed4ebf1809d8d9f34941d42865d0)

src/openvpn/crypto_mbedtls.c
src/openvpn/init.c

index b35bbeb09b4778bd5b9b51b8f44e6d1ff1532430..b393c4ef4006fd32fe7aa6d61dfa4673ee8b28f4 100644 (file)
@@ -804,6 +804,7 @@ md_ctx_init(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *kt)
 void
 md_ctx_cleanup(mbedtls_md_context_t *ctx)
 {
+    mbedtls_md_free(ctx);
 }
 
 int
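Review bot: Nothing at `md_ctx_cleanup()` records that, on the mbedtls backend, it now releases the context's internal state instead of doing nothing. I would add a short comment above the definition, e.g. `/* Releases mbedtls-internal digest state; call md_ctx_init() again before reusing ctx. */`, so callers that relied on the earlier no-op know the context is unusable after cleanup. Whether any existing caller still reads the context after calling cleanup cannot be seen from this hunk and is worth checking across the callers before backporting.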
index 04874b8ff4a4448fb198b9df3995f14ba1442880..86a17f4d540e757439a029a658036f26fbc86d5b 100644 (file)
@@ -3434,6 +3434,12 @@ do_close_tls(struct context *c)
     }
     c->c2.options_string_local = c->c2.options_string_remote = NULL;
 #endif
+
+    if (c->c2.pulled_options_state)
+    {
+        md_ctx_cleanup(c->c2.pulled_options_state);
+        md_ctx_free(c->c2.pulled_options_state);
+    }
 #endif
 }
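Review bot: After `md_ctx_free(c->c2.pulled_options_state);` the field still holds the freed pointer, so a second pass through do_close_tls() on the same context, or any later read of the field, would become a double free or use-after-free of the digest state. The statement just above in this hunk already resets `options_string_local` and `options_string_remote` to NULL; adding `c->c2.pulled_options_state = NULL;` as the last line inside the `if` block follows that pattern and keeps the guard meaningful. Whether the context is wiped elsewhere before reuse is not visible here, since do_close_tls() begins outside the hunk.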