GitList

Browse code

Plug memory leak in mbedTLS backend

Signed-off-by: Ivo Manca <pinkel@gmail.com>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1464694920-3624-1-git-send-email-pinkel@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11751
Signed-off-by: David Sommerseth <dazo@privateinternetaccess.com>

Ivo Manca authored on 2016/05/31 20:42:00
Showing 1 changed files

src/openvpn/ssl_verify_mbedtls.c index 9c4b51a..522ff68 100644

src/openvpn/ssl_verify_mbedtls.c

History View file @ cd538f2

@@ -162,7 +162,7 @@ backend_x509_get_serial (mbedtls_x509_crt *cert, struct gc_arena *gc)
       cert->serial.len)))
     {
       msg(M_WARN, "Failed to retrieve serial from certificate.");
-      return NULL;
+      goto end;
     }
 
   /* Determine decimal representation length, allocate buffer */
@@ -173,9 +173,12 @@ backend_x509_get_serial (mbedtls_x509_crt *cert, struct gc_arena *gc)
   if (!mbed_ok(mbedtls_mpi_write_string(&serial_mpi, 10, buf, buflen, &buflen)))
     {
       msg(M_WARN, "Failed to write serial to string.");
-      return NULL;
+      buf = NULL;
+      goto end;
     }
 
+end:
+  mbedtls_mpi_free(&serial_mpi);
   return buf;
 }
 

...	...	@@ -162,7 +162,7 @@ backend_x509_get_serial (mbedtls_x509_crt cert, struct gc_arena gc)
162	162	cert->serial.len)))
163	163	{
164	164	msg(M_WARN, "Failed to retrieve serial from certificate.");
165		- return NULL;
	165	+ goto end;
166	166	}
167	167
168	168	/* Determine decimal representation length, allocate buffer */
...	...	@@ -173,9 +173,12 @@ backend_x509_get_serial (mbedtls_x509_crt cert, struct gc_arena gc)
173	173	if (!mbed_ok(mbedtls_mpi_write_string(&serial_mpi, 10, buf, buflen, &buflen)))
174	174	{
175	175	msg(M_WARN, "Failed to write serial to string.");
176		- return NULL;
	176	+ buf = NULL;
	177	+ goto end;
177	178	}
178	179
	180	+end:
	181	+ mbedtls_mpi_free(&serial_mpi);
179	182	return buf;
180	183	}
181	184