Skip to content

Commit 7fd4ce6

Browse files
snhensonGeoff Thorpe
authored and
Geoff Thorpe
committed
Fix for session tickets memory leak.
CVE-2014-3567 Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 5dc6070a03779cd524f0e67f76c945cb0ac38320)
1 parent d9d09a8 commit 7fd4ce6

File tree

1 file changed

+3
-0
lines changed

1 file changed

+3
-0
lines changed

Diff for: ssl/t1_lib.c

+3
Original file line numberDiff line numberDiff line change
@@ -2348,7 +2348,10 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen,
23482348
HMAC_Final(&hctx, tick_hmac, NULL);
23492349
HMAC_CTX_cleanup(&hctx);
23502350
if (CRYPTO_memcmp(tick_hmac, etick + eticklen, mlen))
2351+
{
2352+
EVP_CIPHER_CTX_cleanup(&ctx);
23512353
return 2;
2354+
}
23522355
/* Attempt to decrypt session data */
23532356
/* Move p after IV to start of encrypted ticket, update length */
23542357
p = etick + 16 + EVP_CIPHER_CTX_iv_length(&ctx);

0 commit comments

Comments
 (0)