Submitted by: Adam Langley <agl@chromium.org>

Reviewed by: steve

Fix memory leaks.

diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index e26226b5a396524224afad39373bc9fa4d9adb3b..eee8de1ab51dbf47d2b0eb1076dea73511d93fc4 100644 (file)
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -2291,6 +2291,7 @@ int ssl3_get_client_key_exchange(SSL *s)
                if (i <= 0)
                        {
                        SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
+                       BN_clear_free(pub);
                        goto err;
                        }
 

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 82d490a94fe318572db4d18efd51821bab0ce224..4734c37e0a02d90665a8ccd21f786b1a85d34b2e 100644 (file)
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1247,6 +1247,12 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
                                sdata = data;
                                if (dsize > 0)
                                        {
+                                       if (s->tlsext_ocsp_exts)
+                                               {
+                                               sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts,
+                                                                          X509_EXTENSION_free);
+                                               }
+
                                        s->tlsext_ocsp_exts =
                                                d2i_X509_EXTENSIONS(NULL,
                                                        &sdata, dsize);