The branch OpenSSL_1_1_1-stable has been updated via bfbf06c4d29086f1c67ed38324a2c4a9f642d291 (commit) from f924b298125010b998b33abd158ac6a057b2bc9d (commit)
- Log ----------------------------------------------------------------- commit bfbf06c4d29086f1c67ed38324a2c4a9f642d291 Author: MiĆosz Kaniewski <milosz.kaniew...@gmail.com> Date: Tue Jun 30 21:46:38 2020 +0200 Free pre_proc_exts in SSL_free() Usually it will be freed in tls_early_post_process_client_hello(). However if a ClientHello callback will be used and will return SSL_CLIENT_HELLO_RETRY then tls_early_post_process_client_hello() may never come to the point where pre_proc_exts is freed. Fixes #12194 CLA: trivial Reviewed-by: Paul Dale <paul.d...@oracle.com> Reviewed-by: Ben Kaduk <ka...@mit.edu> (Merged from https://github.com/openssl/openssl/pull/12330) (cherry picked from commit 94941cada25433a7dca35b5b9f8cbb751ab65ab3) ----------------------------------------------------------------------- Summary of changes: ssl/ssl_lib.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index f6a4964ed2..433a537969 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1200,6 +1200,8 @@ void SSL_free(SSL *s) OPENSSL_free(s->ext.ocsp.resp); OPENSSL_free(s->ext.alpn); OPENSSL_free(s->ext.tls13_cookie); + if (s->clienthello != NULL) + OPENSSL_free(s->clienthello->pre_proc_exts); OPENSSL_free(s->clienthello); OPENSSL_free(s->pha_context); EVP_MD_CTX_free(s->pha_dgst);