From: Todd Short <todd.short@me.com>
Date: Thu, 16 Feb 2023 15:56:29 +0000 (-0500)
Subject: Fix possible memory leak on error
X-Git-Tag: openssl-3.2.0-alpha1~1275
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c10ded8c2c862992c98b83909a679aa0bb448a55;p=thirdparty%2Fopenssl.git

Fix possible memory leak on error

The two places that call `ossl_ssl_init()` assume that no additional
memory has been allocated when this fails; they subsequently free
the QUIC_CONNECTION/SSL_CONNECTION via OPENSSL_free() without freeing
any other resources.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20316)
---

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 25497985988..44ba62ffde2 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -712,14 +712,17 @@ int ossl_ssl_init(SSL *ssl, SSL_CTX *ctx, const SSL_METHOD *method, int type)
     if (ssl->lock == NULL)
         return 0;
 
+    if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, ssl, &ssl->ex_data)) {
+        CRYPTO_THREAD_lock_free(ssl->lock);
+        ssl->lock = NULL;
+        return 0;
+    }
+
     SSL_CTX_up_ref(ctx);
     ssl->ctx = ctx;
 
     ssl->defltmeth = ssl->method = method;
 
-    if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, ssl, &ssl->ex_data))
-        return 0;
-
     return 1;
 }