Fix memory leaks in the Certificate extensions code

After collecting extensions we must free them again. Reviewed-by: N Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2284)

Fix memory leaks in the Certificate extensions code
After collecting extensions we must free them again. Reviewed-by: N Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2284)
5ee289ea · Matt Caswell · 0fe2a0af · 5ee289ea · 5ee289ea
隐藏空白更改
内联并排

Showing with 8 addition and 2 deletion

ssl/statem/statem_clnt.c ssl/statem/statem_clnt.c +4 -1

ssl/statem/statem_srvr.c ssl/statem/statem_srvr.c +4 -1

未找到文件。
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -1425,8 +1425,11 @@ MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt)
            if (!tls_collect_extensions(s, &extensions, EXT_TLS1_3_CERTIFICATE,
                                        &rawexts, &al)
                    || !tls_parse_all_extensions(s, EXT_TLS1_3_CERTIFICATE,
-                                                 rawexts, x, chainidx, &al))
+                                                 rawexts, x, chainidx, &al)) {
+                OPENSSL_free(rawexts);
                goto f_err;
+            }
+            OPENSSL_free(rawexts);
        }

        if (!sk_X509_push(sk, x)) {

--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -3061,8 +3061,11 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt)
            if (!tls_collect_extensions(s, &extensions, EXT_TLS1_3_CERTIFICATE,
                                        &rawexts, &al)
                    || !tls_parse_all_extensions(s, EXT_TLS1_3_CERTIFICATE,
-                                                 rawexts, x, chainidx, &al))
+                                                 rawexts, x, chainidx, &al)) {
+                OPENSSL_free(rawexts);
                goto f_err;
+            }
+            OPENSSL_free(rawexts);
        }

        if (!sk_X509_push(sk, x)) {