aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorDaniel Gustafsson <daniel@yesql.se>2019-02-16 22:30:31 +0100
committerDaniel Gustafsson <daniel@yesql.se>2019-02-16 22:30:31 +0100
commit0299b262cd9c75adab546f4851c03995d98d61e1 (patch)
tree2e928de5eddeb5ae4f2757ce868709d8e0458c7b /lib
parent188036ca58e63443f4430e035f5c535dce772e40 (diff)
mbedtls: release sessionid resources on error
If mbedtls_ssl_get_session() fails, it may still have allocated memory that needs to be freed to avoid leaking. Call the library API function to release session resources on this errorpath as well as on Curl_ssl_addsessionid() errors. Closes: #3574 Reported-by: MichaƂ Antoniak <M.Antoniak@posnet.com> Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Diffstat (limited to 'lib')
-rw-r--r--lib/vtls/mbedtls.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
index c36c93e3f..27a9402cb 100644
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -716,6 +716,8 @@ mbed_connect_step3(struct connectdata *conn,
ret = mbedtls_ssl_get_session(&BACKEND->ssl, our_ssl_sessionid);
if(ret) {
+ if(ret != MBEDTLS_ERR_SSL_ALLOC_FAILED)
+ mbedtls_ssl_session_free(our_ssl_sessionid);
free(our_ssl_sessionid);
failf(data, "mbedtls_ssl_get_session returned -0x%x", -ret);
return CURLE_SSL_CONNECT_ERROR;
@@ -729,6 +731,7 @@ mbed_connect_step3(struct connectdata *conn,
retcode = Curl_ssl_addsessionid(conn, our_ssl_sessionid, 0, sockindex);
Curl_ssl_sessionid_unlock(conn);
if(retcode) {
+ mbedtls_ssl_session_free(our_ssl_sessionid);
free(our_ssl_sessionid);
failf(data, "failed to store ssl session");
return retcode;