Free and cleanse pms on error

author Dr. Stephen Henson <steve@openssl.org>

Tue, 28 Jul 2015 15:04:53 +0000 (16:04 +0100)

committer Dr. Stephen Henson <steve@openssl.org>

Thu, 30 Jul 2015 13:55:33 +0000 (14:55 +0100)
author Dr. Stephen Henson <steve@openssl.org>
Tue, 28 Jul 2015 15:04:53 +0000 (16:04 +0100)
committer Dr. Stephen Henson <steve@openssl.org>
Thu, 30 Jul 2015 13:55:33 +0000 (14:55 +0100)
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c

index 2954b58c039d406cf78a08fb6958167adba8c5c3..0fc08819cacc8988b19cf6e7c932545935b55404 100644 (file)
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -4966,8 +4966,10 @@ int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen,
  
          pskpmslen = 4 + pmslen + psklen;
          pskpms = OPENSSL_malloc(pskpmslen);
-        if (pskpms == NULL)
-            return 0;
+        if (pskpms == NULL) {
+            s->session->master_key_length = 0;
+            goto err;
+        }
          t = pskpms;
          s2n(pmslen, t);
          if (alg_k & SSL_kPSK)
@@ -4991,6 +4993,8 @@ int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen,
              s->method->ssl3_enc->generate_master_secret(s,
                                                          s->session->master_key,
                                                          pms, pmslen);
+
+    err:
      if (pms) {
          if (free_pms)
              OPENSSL_clear_free(pms, pmslen);
author	Dr. Stephen Henson <steve@openssl.org>
	Tue, 28 Jul 2015 15:04:53 +0000 (16:04 +0100)
committer	Dr. Stephen Henson <steve@openssl.org>
	Thu, 30 Jul 2015 13:55:33 +0000 (14:55 +0100)