Potential memory leak in ssl_ticket_keys_init()
diff --git a/ChangeLog b/ChangeLog
index 84115d4..9390243 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -21,6 +21,7 @@
* SSL now gracefully handles missing RNG
* Missing defines / cases for RSA_PSK key exchange
* crypt_and_hash app checks MAC before final decryption
+ * Potential memory leak in ssl_ticket_keys_init()
= PolarSSL 1.3.2 released on 2013-11-04
Features
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index a903b3e..c2f5603 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3449,17 +3449,24 @@
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
if( ( ret = ssl->f_rng( ssl->p_rng, tkeys->key_name, 16 ) ) != 0 )
+ {
+ polarssl_free( tkeys );
return( ret );
+ }
if( ( ret = ssl->f_rng( ssl->p_rng, buf, 16 ) ) != 0 ||
( ret = aes_setkey_enc( &tkeys->enc, buf, 128 ) ) != 0 ||
( ret = aes_setkey_dec( &tkeys->dec, buf, 128 ) ) != 0 )
{
- return( ret );
+ polarssl_free( tkeys );
+ return( ret );
}
if( ( ret = ssl->f_rng( ssl->p_rng, tkeys->mac_key, 16 ) ) != 0 )
+ {
+ polarssl_free( tkeys );
return( ret );
+ }
ssl->ticket_keys = tkeys;