From: Mats Klepsland <mats.klepsland@gmail.com>
Date: Wed, 28 Mar 2018 20:29:15 +0000 (+0200)
Subject: app-layer-ssl: fix use-after-free (CID 1433623)
X-Git-Tag: suricata-4.1.0-rc1~164
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=900c27e2355e1e9f97351325edbf951d97d12c4e;p=thirdparty%2Fsuricata.git

app-layer-ssl: fix use-after-free (CID 1433623)

Ja3BufferAddValue frees the buffer on error, so there is no point
in doing it twice (use-after-free).
---

diff --git a/src/app-layer-ssl.c b/src/app-layer-ssl.c
index c89bd369e9..0f290e93d3 100644
--- a/src/app-layer-ssl.c
+++ b/src/app-layer-ssl.c
@@ -660,7 +660,6 @@ static inline int TLSDecodeHSHelloCipherSuites(SSLState *ssl_state,
             if (TLSDecodeValueIsGREASE(cipher_suite) != 1) {
                 rc = Ja3BufferAddValue(ja3_cipher_suites, cipher_suite);
                 if (rc != 0) {
-                    Ja3BufferFree(&ja3_cipher_suites);
                     return -1;
                 }
             }