Fix SSL_SESSION leak in tls_parse_ctos_psk() on ticket error paths
authorWeidong Wang <kenazcharisma@gmail.com>
Tue, 17 Mar 2026 17:23:58 +0000 (12:23 -0500)
committerWeidong Wang <kenazcharisma@gmail.com>
Tue, 17 Mar 2026 17:23:58 +0000 (12:23 -0500)
Two early 'return 0' statements bypass the err: label cleanup that
calls SSL_SESSION_free(sess). When tls_decrypt_ticket() allocates an
SSL_SESSION but the decrypt_ticket_cb returns ABORT, the session is
leaked. Replace 'return 0' with 'goto err' so the existing cleanup
handles it.

ssl/statem/extensions_srvr.c

index 6c84518fae19e3e6eb8c23ca0ed62e86e6a45f0d..552c44388e10fe4abecac542672827f3decf537f 100644 (file)
@@ -1442,13 +1442,13 @@ int tls_parse_ctos_psk(SSL_CONNECTION *s, PACKET *pkt, unsigned int context,
 
             if (ret == SSL_TICKET_EMPTY) {
                 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_EXTENSION);
-                return 0;
+                goto err;
             }
 
             if (ret == SSL_TICKET_FATAL_ERR_MALLOC
                 || ret == SSL_TICKET_FATAL_ERR_OTHER) {
                 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
-                return 0;
+                goto err;
             }
             if (ret == SSL_TICKET_NONE || ret == SSL_TICKET_NO_DECRYPT)
                 continue;
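Review bot: Nothing at these two branches records why they must leave through `err`, so a later edit could put a bare `return 0` back and reintroduce the leak. Going by the commit message, tls_decrypt_ticket() can hand back an allocated session even when its result is fatal; a comment above the `SSL_TICKET_EMPTY` check such as `/* sess may be set even on a fatal result; exit via err so it is freed */` would pin that invariant down. The function parses a PSK extension sent by the peer, so this error path is presumably reachable once per handshake, and the other exits deserve the same check. That means any remaining `return 0` after `sess` can be assigned, and whether `sess` is guaranteed NULL before the `continue` taken for `SSL_TICKET_NONE` / `SSL_TICKET_NO_DECRYPT`. The tls_decrypt_ticket() call and the `err:` label are both outside this hunk, so neither can be confirmed from here.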