Fix memory leak.

Fix memory leak by freeing up saved_message.data if it is not NULL. PR#3489 Reviewed-by: Stephen Henson <steve@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
openssl · Jan 6, 2015 · 41cd41c · 41cd41c
1 parent 3a83462
commit 41cd41c
Showing 1 changed file with 10 additions and 2 deletions.
diff --git a/crypto/bio/bss_dgram.c b/crypto/bio/bss_dgram.c
@@ -1097,7 +1097,12 @@ static int dgram_sctp_free(BIO *a)
 		return 0;
 
 	data = (bio_dgram_sctp_data *)a->ptr;
-	if(data != NULL) OPENSSL_free(data);
+	if(data != NULL)
+		{
+		if(data->saved_message.data != NULL)
+			OPENSSL_free(data->saved_message.data);
+		OPENSSL_free(data);
+		}
 
 	return(1);
 	}
@@ -1214,6 +1219,7 @@ static int dgram_sctp_read(BIO *b, char *out, int outl)
 						dgram_sctp_write(data->saved_message.bio, data->saved_message.data,
 						                 data->saved_message.length);
 						OPENSSL_free(data->saved_message.data);
+						data->saved_message.data = NULL;
 						data->saved_message.length = 0;
 						}
 
@@ -1385,9 +1391,11 @@ static int dgram_sctp_write(BIO *b, const char *in, int inl)
 	if (data->save_shutdown && !BIO_dgram_sctp_wait_for_dry(b))
 	{
 		data->saved_message.bio = b;
-		data->saved_message.length = inl;
+		if (data->saved_message.data)
+			OPENSSL_free(data->saved_message.data);
 		data->saved_message.data = OPENSSL_malloc(inl);
 		memcpy(data->saved_message.data, in, inl);
+		data->saved_message.length = inl;
 		return inl;
 	}