From 8d6ad9e39d3e104427c133ac45ce05f30da9f9a3 Mon Sep 17 00:00:00 2001
From: Richard Levitte <levitte@openssl.org>
Date: Sat, 21 Dec 2002 23:49:21 +0000
Subject: [PATCH] Stop a possible memory leak. (I wonder why s2_connect()
 handles the initial buffer allocation slightly differently...) PR: 416

---
 ssl/s23_clnt.c | 5 ++++-
 ssl/s2_clnt.c  | 5 +++++
 ssl/s3_clnt.c  | 5 ++++-
 3 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c
index ffaf3baff3..64ee4269ec 100644
--- a/ssl/s23_clnt.c
+++ b/ssl/s23_clnt.c
@@ -105,7 +105,7 @@ SSL_METHOD *SSLv23_client_method(void)
 
 int ssl23_connect(SSL *s)
 	{
-	BUF_MEM *buf;
+	BUF_MEM *buf=NULL;
 	unsigned long Time=time(NULL);
 	void (*cb)(const SSL *ssl,int type,int val)=NULL;
 	int ret= -1;
@@ -159,6 +159,7 @@ int ssl23_connect(SSL *s)
 					goto end;
 					}
 				s->init_buf=buf;
+				buf=NULL;
 				}
 
 			if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
@@ -207,6 +208,8 @@ int ssl23_connect(SSL *s)
 		}
 end:
 	s->in_handshake--;
+	if (buf != NULL)
+		BUF_MEM_free(buf);
 	if (cb != NULL)
 		cb(s,SSL_CB_CONNECT_EXIT,ret);
 	return(ret);
diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c
index da783230a5..0bc04d284e 100644
--- a/ssl/s2_clnt.c
+++ b/ssl/s2_clnt.c
@@ -208,10 +208,13 @@ int ssl2_connect(SSL *s)
 			if (!BUF_MEM_grow(buf,
 				SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
 				{
+				if (buf == s->init_buf)
+					buf=NULL;
 				ret= -1;
 				goto end;
 				}
 			s->init_buf=buf;
+			buf=NULL;
 			s->init_num=0;
 			s->state=SSL2_ST_SEND_CLIENT_HELLO_A;
 			s->ctx->stats.sess_connect++;
@@ -338,6 +341,8 @@ int ssl2_connect(SSL *s)
 		}
 end:
 	s->in_handshake--;
+	if (buf != NULL)
+		BUF_MEM_free(buf);
 	if (cb != NULL) 
 		cb(s,SSL_CB_CONNECT_EXIT,ret);
 	return(ret);
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index aff0d9e61b..477b681645 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -183,7 +183,7 @@ SSL_METHOD *SSLv3_client_method(void)
 
 int ssl3_connect(SSL *s)
 	{
-	BUF_MEM *buf;
+	BUF_MEM *buf=NULL;
 	unsigned long Time=time(NULL),l;
 	long num1;
 	void (*cb)(const SSL *ssl,int type,int val)=NULL;
@@ -244,6 +244,7 @@ int ssl3_connect(SSL *s)
 					goto end;
 					}
 				s->init_buf=buf;
+				buf=NULL;
 				}
 
 			if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
@@ -529,6 +530,8 @@ int ssl3_connect(SSL *s)
 		}
 end:
 	s->in_handshake--;
+	if (buf != NULL)
+		BUF_MEM_free(buf);
 	if (cb != NULL)
 		cb(s,SSL_CB_CONNECT_EXIT,ret);
 	return(ret);
-- 
2.34.1