X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fs23_srvr.c;h=1a8cbaa4a8ab2cca1fbff9c411dbf570738923a9;hp=08aa5b6cf0882366c014b47290177dcbf3393458;hb=e636e2acd753fb68f587c9fac2f381ad8c153528;hpb=00b4ee7664051a0dc589b1d81ba56582576a6ca4

diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c
index 08aa5b6cf0..1a8cbaa4a8 100644
--- a/ssl/s23_srvr.c
+++ b/ssl/s23_srvr.c
@@ -185,6 +185,7 @@ int ssl23_accept(SSL *s)
 					}
 				if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
 					{
+					BUF_MEM_free(buf);
 					ret= -1;
 					goto end;
 					}
@@ -316,10 +317,11 @@ int ssl23_get_client_hello(SSL *s)
 					}
 				}
 			}
+		/* p[4] < 5 ... silly record length? */
 		else if ((p[0] == SSL3_RT_HANDSHAKE) &&
 			 (p[1] == SSL3_VERSION_MAJOR) &&
 			 (p[5] == SSL3_MT_CLIENT_HELLO) &&
-			 ((p[3] == 0 && p[4] < 5 /* silly record length? */)
+			 ((p[3] == 0 && p[4] < 5)
 				|| (p[9] >= p[1])))
 			{
 			/*
@@ -439,7 +441,8 @@ int ssl23_get_client_hello(SSL *s)
 		v[0] = p[3]; /* == SSL3_VERSION_MAJOR */
 		v[1] = p[4];
 
-		/* An SSLv3/TLSv1 backwards-compatible CLIENT-HELLO in an SSLv2
+		/*-
+		 * An SSLv3/TLSv1 backwards-compatible CLIENT-HELLO in an SSLv2
 		 * header is sent directly on the wire, not wrapped as a TLS
 		 * record. It's format is:
 		 * Byte  Content
@@ -470,8 +473,10 @@ int ssl23_get_client_hello(SSL *s)
 		if (j <= 0) return(j);
 
 		ssl3_finish_mac(s, s->packet+2, s->packet_length-2);
+
+		/* CLIENT-HELLO */
 		if (s->msg_callback)
-			s->msg_callback(0, SSL2_VERSION, 0, s->packet+2, s->packet_length-2, s, s->msg_callback_arg); /* CLIENT-HELLO */
+			s->msg_callback(0, SSL2_VERSION, 0, s->packet+2, s->packet_length-2, s, s->msg_callback_arg);
 
 		p=s->packet;
 		p+=5;