From: Holger Dengler <dengler@linux.ibm.com>
Date: Mon, 11 Nov 2024 10:29:12 +0000 (+0100)
Subject: Fix memleaks in cmd_RecordPadding()
X-Git-Tag: openssl-3.5.0-alpha1~918
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0abbd3e5ac0a3a7af69849b1a5010b4f0616ca37;p=thirdparty%2Fopenssl.git

Fix memleaks in cmd_RecordPadding()

Free the internal copy of parameter `value` on each early
exit.

Fixes #25906

Signed-off-by: Holger Dengler <dengler@linux.ibm.com>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25926)
---

diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c
index e6884b2b43f..e22511b634b 100644
--- a/ssl/ssl_conf.c
+++ b/ssl/ssl_conf.c
@@ -666,22 +666,19 @@ static int cmd_RecordPadding(SSL_CONF_CTX *cctx, const char *value)
 
     copy = OPENSSL_strdup(value);
     if (copy == NULL)
-        return 0;
+        goto out;
     commap = strstr(copy, ",");
     if (commap != NULL) {
         *commap = '\0';
-        if (*(commap + 1) == '\0') {
-            OPENSSL_free(copy);
-            return 0;
-        }
+        if (*(commap + 1) == '\0')
+            goto out;
         if (!OPENSSL_strtoul(commap + 1, &endptr, 0, &hs_padding))
-            return 0;
+            goto out;
     }
     if (!OPENSSL_strtoul(copy, &endptr, 0, &block_padding))
-        return 0;
+        goto out;
     if (commap == NULL)
         hs_padding = block_padding;
-    OPENSSL_free(copy);
 
     /*
      * All we care about are non-negative values,
@@ -693,6 +690,8 @@ static int cmd_RecordPadding(SSL_CONF_CTX *cctx, const char *value)
     if (cctx->ssl)
         rv = SSL_set_block_padding_ex(cctx->ssl, (size_t)block_padding,
                                       (size_t)hs_padding);
+out:
+    OPENSSL_free(copy);
     return rv;
 }