Plug memory leak if push is interrupted

If a push is interrupted due to a timeout, c->c2.pulled_options_state is
never freed.  Fix that by always cleaning up any remaining pulled
options state when we close a connection.

This changes the mbedtls implementation of md_ctx_cleanup to actually
clean up the context, which was not needed earlier.

Signed-off-by: Steffan Karger <steffan.karger@fox-it.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1516194984-1540-1-git-send-email-steffan.karger@fox-it.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg16265.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

diff --git a/src/openvpn/crypto_mbedtls.c b/src/openvpn/crypto_mbedtls.c
index 8fa03da592fb50a2e155e3b0f76c3c823dbb748b..8fc252f95b046eb0721f0661ecb1ad87a927478f 100644 (file)
--- a/src/openvpn/crypto_mbedtls.c
+++ b/src/openvpn/crypto_mbedtls.c
@@ -804,6 +804,7 @@ md_ctx_init(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *kt)
 void
 md_ctx_cleanup(mbedtls_md_context_t *ctx)
 {
+    mbedtls_md_free(ctx);
 }
 
 int

diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index 30beadb67a728e7819aa451dd8cd4377b4496d39..abf8da2241f9fcf5372b776ed0e0edce4d333fee 100644 (file)
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -3384,6 +3384,12 @@ do_close_tls(struct context *c)
     }
     c->c2.options_string_local = c->c2.options_string_remote = NULL;
 #endif
+
+    if (c->c2.pulled_options_state)
+    {
+        md_ctx_cleanup(c->c2.pulled_options_state);
+        md_ctx_free(c->c2.pulled_options_state);
+    }
 }
 
 /*