From: Neil Horman <nhorman@openssl.org>
Date: Tue, 28 Jan 2025 14:16:09 +0000 (-0500)
Subject: Fix a memory leak on free
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ece55ea234bdabe7fb0bcaeed685e61f502f0dec;p=thirdparty%2Fopenssl.git

Fix a memory leak on free

Forgot to free the CRYPTO_REF when freeing a token

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26517)
---

diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
index 0f11ab69144..7810335430b 100644
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@@ -4819,7 +4819,10 @@ static QUIC_TOKEN *ossl_quic_build_new_token(BIO_ADDR *peer, uint8_t *token,
     addrptr = (uint8_t *)(portptr + 1);
     *famptr = family;
     *portptr = port;
-    BIO_ADDR_rawaddress(peer, addrptr, NULL);
+    if (!BIO_ADDR_rawaddress(peer, addrptr, NULL)) {
+        ossl_quic_free_peer_token((QTOK *)new_token);
+        return NULL;
+    }
     if (token != NULL)
         memcpy(new_token->token, token, token_len);
     return new_token;
@@ -4892,6 +4895,7 @@ void ossl_quic_free_peer_token(QTOK *token)
     if (refs > 0)
         return;
 
+    CRYPTO_FREE_REF(&tok->references);
     OPENSSL_free(tok);
 }