Fix a memleak in tls13_generate_secret.

Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3660)
author: Bernd Edlinger <bernd.edlinger@hotmail.de> 2017-06-12 19:30:10 +0200
committer: Rich Salz <rsalz@openssl.org> 2017-06-12 15:15:04 -0400
commit: 71d8c138cf0a72663cd401d753564eecd8c23289 (patch)
tree: 3e17c285fb395541c5c3e178673a4b6976758945
parent: 5816586ba45bba05f6d9f0432a408063a42e1012 (diff)
download: openssl-71d8c138cf0a72663cd401d753564eecd8c23289.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
index 2763475382..bc1995e21f 100644
--- a/ssl/tls13_enc.c
+++ b/ssl/tls13_enc.c
@@ -148,6 +148,7 @@ int tls13_generate_secret(SSL *s, const EVP_MD *md,
                 || EVP_DigestInit_ex(mctx, md, NULL) <= 0
                 || EVP_DigestFinal_ex(mctx, hash, NULL) <= 0) {
             EVP_MD_CTX_free(mctx);
+            EVP_PKEY_CTX_free(pctx);
             return 0;
         }
         EVP_MD_CTX_free(mctx);
@@ -156,8 +157,10 @@ int tls13_generate_secret(SSL *s, const EVP_MD *md,
         if (!tls13_hkdf_expand(s, md, prevsecret,
                                (unsigned char *)derived_secret_label,
                                sizeof(derived_secret_label) - 1, hash,
-                               preextractsec, mdlen))
+                               preextractsec, mdlen)) {
+            EVP_PKEY_CTX_free(pctx);
             return 0;
+        }
 
         prevsecret = preextractsec;
         prevsecretlen = mdlen;
author	Bernd Edlinger <bernd.edlinger@hotmail.de>	2017-06-12 19:30:10 +0200
committer	Rich Salz <rsalz@openssl.org>	2017-06-12 15:15:04 -0400
commit	71d8c138cf0a72663cd401d753564eecd8c23289 (patch)
tree	3e17c285fb395541c5c3e178673a4b6976758945
parent	5816586ba45bba05f6d9f0432a408063a42e1012 (diff)
download	openssl-71d8c138cf0a72663cd401d753564eecd8c23289.tar.gz