Fix a DTLS memory leak
authorMatt Caswell <matt@openssl.org>
Thu, 18 Oct 2018 09:12:07 +0000 (10:12 +0100)
committerMatt Caswell <matt@openssl.org>
Fri, 19 Oct 2018 13:19:22 +0000 (14:19 +0100)
Fixes #7428

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7431)

(cherry picked from commit 01666a8c1db3ecfb999e1a8f2c5436d114f95681)

ssl/statem/statem_srvr.c

index ac5fd09..7d0e9d0 100644 (file)
@@ -1519,8 +1519,10 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
              * So check cookie length...
              */
             if (SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE) {
-                if (clienthello->dtls_cookie_len == 0)
+                if (clienthello->dtls_cookie_len == 0) {
+                    OPENSSL_free(clienthello);
                     return MSG_PROCESS_FINISHED_READING;
+                }
             }
         }