From: Viktor Dukhovni <openssl-users@dukhovni.org>
Date: Fri, 9 Feb 2018 23:34:33 +0000 (-0500)
Subject: Avoid leaking peername data via accept BIOs
X-Git-Tag: OpenSSL_1_1_1-pre1~15
X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=4e0752535eb87b9aab4cf193f4422b5801ab7b32;ds=sidebyside

Avoid leaking peername data via accept BIOs

Reviewed-by: Rich Salz <rsalz@openssl.org>
---

diff --git a/crypto/bio/bss_acpt.c b/crypto/bio/bss_acpt.c
index e426ecd7fd..72ad6a19a9 100644
--- a/crypto/bio/bss_acpt.c
+++ b/crypto/bio/bss_acpt.c
@@ -275,6 +275,11 @@ static int acpt_state(BIO *b, BIO_ACCEPT *c)
             BIO_clear_retry_flags(b);
             b->retry_reason = 0;
 
+            OPENSSL_free(c->cache_peer_name);
+            c->cache_peer_name = NULL;
+            OPENSSL_free(c->cache_peer_serv);
+            c->cache_peer_serv = NULL;
+
             s = BIO_accept_ex(c->accept_sock, &c->cache_peer_addr,
                               c->accepted_mode);