ssl/t1_lib.c: Free gix if sk_TLS_GROUP_IX_push() fails to avoid memory leak

Add OPENSSL_free() to free gix if sk_TLS_GROUP_IX_push() fails to avoid memory leak

Fixes: 4b1c73d2dd ("ML-KEM hybrids for TLS")
Signed-off-by: JiashengJiang <jiasheng@purdue.edu>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27568)

(cherry picked from commit 0ba71c0a24b185780a96b2c257653f4dcd3446c8)

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 8d0c2647b79cfa0e4f59c3092199dacc1b8351a3..2f71f954382d3671865093bdfc26364f6741c5fb 100644 (file)
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -972,8 +972,10 @@ int tls1_get0_implemented_groups(int min_proto_version, int max_proto_version,
             goto end;
         gix->grp = grps;
         gix->ix = ix;
-        if (sk_TLS_GROUP_IX_push(collect, gix) <= 0)
+        if (sk_TLS_GROUP_IX_push(collect, gix) <= 0) {
+            OPENSSL_free(gix);
             goto end;
+        }
     }
 
     sk_TLS_GROUP_IX_sort(collect);