Re: [Openvpn-devel] [PATCH] Fix a potential memory leak in tls_ctx_use_management_external_key

Antonio Quartulli Tue, 25 Jan 2022 08:47:53 -0800

Hi,

On 20/01/2022 17:26, selva.n...@gmail.com wrote:

From: Selva Nair <selva.n...@gmail.com>


As pointed out by Gert Doering <g...@greenie.muc.de>


This can be "gitified" as:

Reported-by: Gert Doering <g...@greenie.muc.de>


Signed-off-by: Selva Nair <selva.n...@gmail.com>
---
To be applied after 06/18 of xkey patchset

  src/openvpn/ssl_openssl.c | 1 +
  1 file changed, 1 insertion(+)

diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c
index b48845eb..3f8c3091 100644
--- a/src/openvpn/ssl_openssl.c
+++ b/src/openvpn/ssl_openssl.c
@@ -1493,6 +1493,7 @@ tls_ctx_use_management_external_key(struct tls_root_ctx 
*ctx)
      if (!privkey
          || !SSL_CTX_use_PrivateKey(ctx->ctx, privkey))
      {
+        EVP_PKEY_free(privkey);
          goto cleanup;
      }
      EVP_PKEY_free(privkey);


This is non-crucial because we goto cleanup and then do a M_FATAL.

Nonetheless, we should strive to have cleaner error paths that take careof releasing allocated resources when possible.


Acked-by: Antonio Quartulli <a...@unstable.cc>

--
Antonio Quartulli


_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] [PATCH] Fix a potential memory leak in tls_ctx_use_management_external_key

Reply via email to