Fix memory leak in session cache test

When we are using the internal cache we have to make a copy of the session before removing it from the parent context's cache, since we want our copy to still be resumable. However, SSL_CTX_remove_session() just detaches the session from the SSL_CTX; it does not free the session. So, we must call SSL_SESSION_free() ourselves before overwriting the variable that we dup'd from. Reviewed-by: N Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4126)

Fix memory leak in session cache test
When we are using the internal cache we have to make a copy of the session before removing it from the parent context's cache, since we want our copy to still be resumable. However, SSL_CTX_remove_session() just detaches the session from the SSL_CTX; it does not free the session. So, we must call SSL_SESSION_free() ourselves before overwriting the variable that we dup'd from. Reviewed-by: N Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4126)
3cb6a4d6 · Benjamin Kaduk · Benjamin Kaduk · 8d50b9c1 · 3cb6a4d6
隐藏空白更改
内联并排

Showing with 6 addition and 4 deletion

test/sslapitest.c test/sslapitest.c +6 -4

未找到文件。
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -992,10 +992,12 @@ static int execute_test_session(int maxprot, int use_int_cache,
         * the external cache. We take a copy first because
         * SSL_CTX_remove_session() also marks the session as non-resumable.
         */
-        if (use_int_cache
-                && (!TEST_ptr(tmp = SSL_SESSION_dup(sess2))
-                    || !TEST_true(SSL_CTX_remove_session(sctx, sess2))))
-            goto end;
+        if (use_int_cache) {
+            if (!TEST_ptr(tmp = SSL_SESSION_dup(sess2))
+                    || !TEST_true(SSL_CTX_remove_session(sctx, sess2)))
+                goto end;
+            SSL_SESSION_free(sess2);
+        }
        sess2 = tmp;
    }