Hello OpenSSL org:

I found the following issue via code inspection. In tls_process_client_key_exchange(), when EC is disabled, and an error occurs in ssl_generate_master_secret() or RAND_bytes(), the error path does not free rsa_decrypt.

Note that rsa_decrypt is not conditionally defined by OPENSSL_NO_RSA, so I did not wrap the free with that conditional.

--
-Todd Short
// [email protected]
// "One if by land, two if by sea, three if by the Internet."
0001-Memory-leak-in-state-machine-in-error-path.patch
Description: Binary data
