Google Git
Sign in
boringssl/boringssl/6b6e0b20893e2be0e68af605a60ffa2cbb0ffa64^!/.
commit
6b6e0b20893e2be0e68af605a60ffa2cbb0ffa64
[log]
author
David Benjamin <davidben@google.com>
Fri Mar 11 19:30:29 2016 -0500
committer
David Benjamin <davidben@google.com>
Mon Mar 14 23:12:22 2016 +0000
tree
43ca2c958e39b5811ef67807682feb8095c24d00
parent
15c1488b6177b269a311814b63e670df534549e3 [diff]
Fix a memory leak in ssl3_get_certificate_request.

Found by libFuzzer.

Change-Id: Ifa343a184cc65f71fb6591d290b2d47d24a2be80
Reviewed-on: https://boringssl-review.googlesource.com/7456
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>

diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 869e5ac..fee0b51 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c

@@ -1411,6 +1411,7 @@
       OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
       goto err;
     }
+    xn = NULL;
   }
 
   /* we should setup a certificate to return.... */
@@ -1422,6 +1423,7 @@
   ret = 1;
 
 err:
+  X509_NAME_free(xn);
   sk_X509_NAME_pop_free(ca_sk, X509_NAME_free);
   return ret;
 }