Fix more memory leaks on malloc failure.
Caught by malloc valgrind tests on Basic-Client-Sync. Also one by inspection
and verified with valgrind. Those should pass now with the exception of
CRYPTO_free_ex_data being internally implemented with malloc.
(Clearly we next should make our malloc tests assert that the containing
function fails to catch when we fail to check for some error and things
silently move one.)
Change-Id: I56c51dc8a32a7d3c7ac907d54015dc241728c761
Reviewed-on: https://boringssl-review.googlesource.com/3440
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/asn1/tasn_new.c b/crypto/asn1/tasn_new.c
index b68eed7..e59025b 100644
--- a/crypto/asn1/tasn_new.c
+++ b/crypto/asn1/tasn_new.c
@@ -212,6 +212,7 @@
memerr:
OPENSSL_PUT_ERROR(ASN1, asn1_item_ex_combine_new, ERR_R_MALLOC_FAILURE);
+ ASN1_item_ex_free(pval, it);
#ifdef CRYPTO_MDEBUG
if (it->sname) CRYPTO_pop_info();
#endif
diff --git a/crypto/ec/ec_montgomery.c b/crypto/ec/ec_montgomery.c
index b1c6fe8..0e5120c 100644
--- a/crypto/ec/ec_montgomery.c
+++ b/crypto/ec/ec_montgomery.c
@@ -247,6 +247,9 @@
if (mont != NULL) {
BN_MONT_CTX_free(mont);
}
+ if (one != NULL) {
+ BN_free(one);
+ }
return ret;
}
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index f3bdefd..c6752eb 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1243,8 +1243,12 @@
}
ngroup = EC_GROUP_new_by_curve_name(curve_nid);
- if (ngroup == NULL ||
- EC_KEY_set_group(ecdh, ngroup) == 0) {
+ if (ngroup == NULL) {
+ OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange, ERR_R_EC_LIB);
+ goto err;
+ }
+ if (!EC_KEY_set_group(ecdh, ngroup)) {
+ EC_GROUP_free(ngroup);
OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange, ERR_R_EC_LIB);
goto err;
}
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 2045590..14e471d 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1979,6 +1979,7 @@
if (premaster_secret == NULL) {
OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange,
ERR_R_MALLOC_FAILURE);
+ BN_clear_free(pub);
goto err;
}
