From a288da61b634a979462402c1988be74ccdae21d4 Mon Sep 17 00:00:00 2001
From: Jouni Malinen
Date: Sat, 26 Oct 2013 12:02:50 +0300
Subject: [PATCH] OpenSSL: Fix memory leak on error path

If SSL_CTX_new() fails in tls_init(), the per-SSL app-data allocation could have been leaked when multiple TLS instances are allocated.

Signed-hostap: Jouni Malinen
---
 src/crypto/tls_openssl.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index 3df2bd2ca..95c674a45 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -784,11 +784,13 @@ void * tls_init(const struct tls_config *conf)
 ssl = SSL_CTX_new(TLSv1_method());
 if (ssl == NULL) {
 tls_openssl_ref_count--;
+#ifdef OPENSSL_SUPPORTS_CTX_APP_DATA
+ if (context != tls_global)
+ os_free(context);
+#endif /* OPENSSL_SUPPORTS_CTX_APP_DATA */
 if (tls_openssl_ref_count == 0) {
 os_free(tls_global);
 tls_global = NULL;
- } else if (context != tls_global) {
- os_free(context);
 }
 return NULL;
 }
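Review bot: The new `if (context != tls_global) os_free(context);` guard depends on an ownership rule that is not written down anywhere in the hunk: `context` appears to be a separate per-instance allocation only in `OPENSSL_SUPPORTS_CTX_APP_DATA` builds and presumably aliases `tls_global` otherwise. Since the free is now compiled out in other builds, where the removed `else if` branch still covered it, a comment above the `#ifdef` would protect against a later change to the allocation code reintroducing a leak or a double free, for example `/* context is separately allocated only with per-SSL app-data; otherwise it is tls_global, which is freed below */`. The ordering is also load-bearing and worth a word in that comment: the comparison has to stay ahead of `tls_global = NULL`, otherwise the first-instance case (where `context == tls_global`) would release the same block twice. The allocation of `context` and the rest of tls_init() lie outside the hunk, so the aliasing assumption should be confirmed there. Separately from the leak, the context line `SSL_CTX_new(TLSv1_method())` uses a version-specific method, which limits the context to TLS 1.0 rather than negotiating the highest version both peers support.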