A null pointer dereference occurs when memory allocation fails

author yangyangtiantianlonglong <yangtianlong1224@163.com>

Mon, 31 Jul 2023 14:04:41 +0000 (07:04 -0700)

committer Hugo Landau <hlandau@openssl.org>

Wed, 2 Aug 2023 19:24:56 +0000 (20:24 +0100)
author yangyangtiantianlonglong <yangtianlong1224@163.com>
Mon, 31 Jul 2023 14:04:41 +0000 (07:04 -0700)
committer Hugo Landau <hlandau@openssl.org>
Wed, 2 Aug 2023 19:24:56 +0000 (20:24 +0100)
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c

index 90aec2badacc95bfdae034e8e7c9ddab7790fa02..bf84e792251b81eeedc32a53da5bf013942ae19e 100644 (file)
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -200,8 +200,11 @@ SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket)
      dest->references = 1;
  
      dest->lock = CRYPTO_THREAD_lock_new();
-    if (dest->lock == NULL)
+    if (dest->lock == NULL) {
+        OPENSSL_free(dest);
+        dest = NULL;
          goto err;
+    }
  
      if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, dest, &dest->ex_data))
          goto err;
author	yangyangtiantianlonglong <yangtianlong1224@163.com>
	Mon, 31 Jul 2023 14:04:41 +0000 (07:04 -0700)
committer	Hugo Landau <hlandau@openssl.org>
	Wed, 2 Aug 2023 19:24:56 +0000 (20:24 +0100)