From 3d6504a935928a5b58295a57226ae634d906b4e6 Mon Sep 17 00:00:00 2001
From: Paul Bakker
Date: Mon, 17 Mar 2014 13:41:51 +0100
Subject: [PATCH] ssl_init() left a dirty in_ctr pointer on failed allocation
of out_ctr
---
ChangeLog | 2 ++
library/ssl_tls.c | 3 ++-
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/ChangeLog b/ChangeLog
index 0667d2348b..1708dd3620 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -43,6 +43,8 @@ Bugfix
client certificate.
* ssl_srv was leaking memory when client presented a timed out ticket
containing a client certificate
+ * ssl_init() was leaving a dirty pointer in ssl_context if malloc of
+ out_ctr failed
= PolarSSL 1.3.4 released on 2014-01-27
Features
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 20cb9bdc75..3fd6e341ad 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3427,7 +3427,8 @@ int ssl_init( ssl_context *ssl )
if( ssl->out_ctr == NULL )
{
SSL_DEBUG_MSG( 1, ( "malloc(%d bytes) failed", len ) );
- polarssl_free( ssl-> in_ctr );
+ polarssl_free( ssl->in_ctr );
+ ssl->in_ctr = NULL;
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
}