root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Fix memory leaks in ssl_old_test.c 

This fixes a few memory leaks reported in #22049.

If SSL_CTX_set0_tmp_dh_pkey rejects the temp dh key
due to security restrictions (even when @SECLEVEL=0 is used!)
then the caller has to delete the PKEY object.
That is different to how the deprecated
SSL_CTX_set_tmp_dh_pkey was designed to work.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22060)

(cherry picked from commit 21f0b80cd4)
This commit is contained in:
Bernd Edlinger 2023-09-11 12:26:46 +02:00
parent 094c9297fa
commit ba3c334eca
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
test/ssl_old_test.c
View File

@ -1525,8 +1525,10 @@ int main(int argc, char *argv[])
ERR_print_errors(bio_err);
goto end;
}
SSL_CTX_set0_tmp_dh_pkey(s_ctx, dhpkey);
SSL_CTX_set0_tmp_dh_pkey(s_ctx2, dhpkey);
if (!SSL_CTX_set0_tmp_dh_pkey(s_ctx, dhpkey))
EVP_PKEY_free(dhpkey);
if (!SSL_CTX_set0_tmp_dh_pkey(s_ctx2, dhpkey))
EVP_PKEY_free(dhpkey);
}
#endif