diff options
| author | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2017-10-24 16:06:28 +0200 |
|---|---|---|
| committer | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2017-10-25 17:41:46 +0200 |
| commit | e6b10c344e1fe91d3dc321de7e92640c4ae2fc9b (patch) | |
| tree | de13df7dc84516032a7bd8fa5678453367280f3f | |
| parent | fe6fcd31546db1ab019e55edd15c953c5b358559 (diff) | |
| download | openssl-e6b10c344e1fe91d3dc321de7e92640c4ae2fc9b.tar.gz | |
Fix error handling in SSL_new
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4580)
| -rw-r--r-- | ssl/ssl_lib.c | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index cefb0ba5f2..0df69b4da6 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -624,9 +624,13 @@ SSL *SSL_new(SSL_CTX *ctx) if (s == NULL) goto err; + s->references = 1; s->lock = CRYPTO_THREAD_lock_new(); - if (s->lock == NULL) + if (s->lock == NULL) { + OPENSSL_free(s); + s = NULL; goto err; + } /* * If not using the standard RAND (say for fuzzing), then don't use a @@ -639,10 +643,8 @@ SSL *SSL_new(SSL_CTX *ctx) if (s->drbg == NULL || RAND_DRBG_instantiate(s->drbg, (const unsigned char *) SSL_version_str, - sizeof(SSL_version_str) - 1) == 0) { - CRYPTO_THREAD_lock_free(s->lock); + sizeof(SSL_version_str) - 1) == 0) goto err; - } } RECORD_LAYER_init(&s->rlayer, s); @@ -653,7 +655,6 @@ SSL *SSL_new(SSL_CTX *ctx) s->max_proto_version = ctx->max_proto_version; s->mode = ctx->mode; s->max_cert_list = ctx->max_cert_list; - s->references = 1; s->max_early_data = ctx->max_early_data; /* |