From: JiashengJiang <jiasheng@purdue.edu>
Date: Mon, 5 May 2025 18:07:54 +0000 (-0400)
Subject: ssl/t1_lib.c: Free gix if sk_TLS_GROUP_IX_push() fails to avoid memory leak
X-Git-Tag: openssl-3.5.1~103
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3e78fead7186210a433a8dc2c9a52b16740f0f55;p=thirdparty%2Fopenssl.git

ssl/t1_lib.c: Free gix if sk_TLS_GROUP_IX_push() fails to avoid memory leak

Add OPENSSL_free() to free gix if sk_TLS_GROUP_IX_push() fails to avoid memory leak

Fixes: 4b1c73d2dd ("ML-KEM hybrids for TLS")
Signed-off-by: JiashengJiang <jiasheng@purdue.edu>

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27568)

(cherry picked from commit 0ba71c0a24b185780a96b2c257653f4dcd3446c8)
---

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 8d0c2647b79..2f71f954382 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -972,8 +972,10 @@ int tls1_get0_implemented_groups(int min_proto_version, int max_proto_version,
             goto end;
         gix->grp = grps;
         gix->ix = ix;
-        if (sk_TLS_GROUP_IX_push(collect, gix) <= 0)
+        if (sk_TLS_GROUP_IX_push(collect, gix) <= 0) {
+            OPENSSL_free(gix);
             goto end;
+        }
     }
 
     sk_TLS_GROUP_IX_sort(collect);