From: Niels Dossche Date: Mon, 28 Oct 2024 15:34:55 +0000 (+0100) Subject: Fix potential memory leak in BIO_get_accept_socket() X-Git-Tag: openssl-3.1.8~46 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=91cbe80409486ca3ff4a1969569fb1e774ce1f27;p=thirdparty%2Fopenssl.git Fix potential memory leak in BIO_get_accept_socket() When BIO_parse_hostserv() fails it may still have allocated memory, yet this memory is not freed. Fix it by jumping to the err label. Reviewed-by: Viktor Dukhovni Reviewed-by: David von Oheimb Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/25817) (cherry picked from commit 32476957ead4151dceaf873306fc7e79cd262812) --- diff --git a/crypto/bio/bio_addr.c b/crypto/bio/bio_addr.c index 77cb4395743..5852e9fe9e7 100644 --- a/crypto/bio/bio_addr.c +++ b/crypto/bio/bio_addr.c @@ -547,8 +547,13 @@ int BIO_parse_hostserv(const char *hostserv, char **host, char **service, *service = NULL; } else { *service = OPENSSL_strndup(p, pl); - if (*service == NULL) + if (*service == NULL) { + if (h != NULL && host != NULL) { + OPENSSL_free(*host); + *host = NULL; + } goto memerr; + } } } diff --git a/crypto/bio/bio_sock.c b/crypto/bio/bio_sock.c index 12e6a68e3a2..bb536379dc5 100644 --- a/crypto/bio/bio_sock.c +++ b/crypto/bio/bio_sock.c @@ -222,7 +222,7 @@ int BIO_get_accept_socket(char *host, int bind_mode) return INVALID_SOCKET; if (BIO_sock_init() != 1) - return INVALID_SOCKET; + goto err; if (BIO_lookup(h, p, BIO_LOOKUP_SERVER, AF_UNSPEC, SOCK_STREAM, &res) != 0) goto err;
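Review bot: In the crypto/bio/bio_addr.c hunk, the cleanup added before `goto memerr` is guarded by `h != NULL && host != NULL`, and nothing in the visible lines says why `h` is the right test for "*host was allocated by this call". A one-line comment stating that invariant would keep a later edit from freeing a caller-owned pointer or from skipping the free. The commit message describes only the BIO_get_accept_socket() side ("jumping to the err label"), so it would help to add a sentence there that BIO_parse_hostserv() now frees *host and resets it to NULL when the service copy fails.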
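Review bot: In the crypto/bio/bio_sock.c hunk, the new `goto err` on the BIO_sock_init() failure is taken before the `BIO_lookup(..., &res)` call that follows it, so the err path now runs with `res` never written by the lookup. Please confirm that `res` is initialised to NULL at its declaration and that the cleanup under err tolerates that, since neither is visible in this hunk. The commit message ties the leak to BIO_parse_hostserv() failing, while the line changed here is the BIO_sock_init() check and the `return INVALID_SOCKET;` context line above it is left as is. Stating which failure path each file's change covers would make the message match the diff.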