root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Make sure we free and cleanse the pms value in all code paths 

Otherwise we get a memory leak.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2326)
This commit is contained in:
Matt Caswell 2017-01-30 19:36:51 +00:00
parent 787ebcafcd
commit c8ab3a4653
1 changed files with 1 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ssl/s3_lib.c
View File

@ -4118,10 +4118,8 @@ int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey, int gensecret)
rv = rv && tls13_generate_handshake_secret(s, pms, pmslen);
} else {
/* Generate master secret and discard premaster */
rv = ssl_generate_master_secret(s, pms, pmslen, 1);
rv = ssl_generate_master_secret(s, pms, pmslen, 0);
}
pms = NULL;
} else {
/* Save premaster secret */
s->s3->tmp.pms = pms;