Fix double free in cookie generation.
authorKurt Roeckx <kurt@roeckx.be>
Sun, 5 Mar 2017 20:00:11 +0000 (21:00 +0100)
committerKurt Roeckx <kurt@roeckx.be>
Mon, 6 Mar 2017 17:33:56 +0000 (18:33 +0100)
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
GH: #2850

ssl/statem/extensions_clnt.c

index 23dc8d3..8860462 100644 (file)
@@ -658,6 +658,7 @@ int tls_construct_ctos_cookie(SSL *s, WPACKET *pkt, unsigned int context,
     ret = 1;
  end:
     OPENSSL_free(s->ext.tls13_cookie);
+    s->ext.tls13_cookie = NULL;
     s->ext.tls13_cookie_len = 0;
 
     return ret;