From: Jouni Malinen <j@w1.fi>
Date: Sat, 26 Oct 2013 09:02:50 +0000 (+0300)
Subject: OpenSSL: Fix memory leak on error path
X-Git-Tag: hostap_2_1~789
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a288da61b634a979462402c1988be74ccdae21d4;p=thirdparty%2Fhostap.git

OpenSSL: Fix memory leak on error path

If SSL_CTX_new() fails in tls_init(), the per-SSL app-data allocation
could have been leaked when multiple TLS instances are allocated.

Signed-hostap: Jouni Malinen <j@w1.fi>
---

diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index 3df2bd2ca..95c674a45 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -784,11 +784,13 @@ void * tls_init(const struct tls_config *conf)
 	ssl = SSL_CTX_new(TLSv1_method());
 	if (ssl == NULL) {
 		tls_openssl_ref_count--;
+#ifdef OPENSSL_SUPPORTS_CTX_APP_DATA
+		if (context != tls_global)
+			os_free(context);
+#endif /* OPENSSL_SUPPORTS_CTX_APP_DATA */
 		if (tls_openssl_ref_count == 0) {
 			os_free(tls_global);
 			tls_global = NULL;
-		} else if (context != tls_global) {
-			os_free(context);
 		}
 		return NULL;
 	}