Free up s->d1->buffered_app_data.q properly.
authorzhu qun-ying <qunying@yahoo.com>
Mon, 2 Jun 2014 13:38:52 +0000 (14:38 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Mon, 2 Jun 2014 22:55:55 +0000 (23:55 +0100)
PR#3286

ssl/d1_lib.c

index 2287ba6..7d9d91f 100644 (file)
@@ -202,9 +202,12 @@ static void dtls1_clear_queues(SSL *s)
 
        while ( (item = pqueue_pop(s->d1->buffered_app_data.q)) != NULL)
                {
-               frag = (hm_fragment *)item->data;
-               OPENSSL_free(frag->fragment);
-               OPENSSL_free(frag);
+               rdata = (DTLS1_RECORD_DATA *) item->data;
+               if (rdata->rbuf.buf)
+                       {
+                       OPENSSL_free(rdata->rbuf.buf);
+                       }
+               OPENSSL_free(item->data);
                pitem_free(item);
                }
        }