feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

fix for memory leak with new wolfSSL_get_client_ciphers function

Browse Source
This commit is contained in:
JacobBarthelmeh
2025-01-20 22:06:52 -07:00
parent 49c515ac58
commit 2812baf5a9
4 changed files with 17 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/internal.c
View File

@ -8369,6 +8369,12 @@ void FreeSuites(WOLFSSL* ssl)
wolfSSL_sk_SSL_CIPHER_free(ssl->suitesStack); wolfSSL_sk_SSL_CIPHER_free(ssl->suitesStack);
ssl->suitesStack = NULL; ssl->suitesStack = NULL;
} }
if (ssl->clSuitesStack != NULL) {
/* Enough to free stack structure since WOLFSSL_CIPHER
* isn't allocated separately. */
wolfSSL_sk_SSL_CIPHER_free(ssl->clSuitesStack);
ssl->clSuitesStack = NULL;
}
#endif #endif
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
XFREE(ssl->clSuites, ssl->heap, DYNAMIC_TYPE_SUITES); XFREE(ssl->clSuites, ssl->heap, DYNAMIC_TYPE_SUITES);

9
src/ssl.c
View File

@ -21931,6 +21931,8 @@ WOLF_STACK_OF(WOLFSSL_CIPHER) *wolfSSL_get_ciphers_compat(const WOLFSSL *ssl)
} }
#endif /* OPENSSL_EXTRA || OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */ #endif /* OPENSSL_EXTRA || OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */
#ifdef OPENSSL_ALL #ifdef OPENSSL_ALL
/* returned pointer is to an internal element in WOLFSSL struct and should not
* be free'd. It gets free'd when the WOLFSSL struct is free'd. */
WOLF_STACK_OF(WOLFSSL_CIPHER)* wolfSSL_get_client_ciphers(WOLFSSL* ssl) WOLF_STACK_OF(WOLFSSL_CIPHER)* wolfSSL_get_client_ciphers(WOLFSSL* ssl)
{ {
WOLF_STACK_OF(WOLFSSL_CIPHER)* ret = NULL; WOLF_STACK_OF(WOLFSSL_CIPHER)* ret = NULL;
@ -21953,7 +21955,10 @@ WOLF_STACK_OF(WOLFSSL_CIPHER)* wolfSSL_get_client_ciphers(WOLFSSL* ssl)
if (suites == NULL) { if (suites == NULL) {
WOLFSSL_MSG("No client suites stored"); WOLFSSL_MSG("No client suites stored");
} }
else { else if (ssl->clSuitesStack != NULL) {
ret = ssl->clSuitesStack;
}
else { /* generate cipher suites stack if not already done */
int i; int i;
int j; int j;
@ -21995,7 +22000,7 @@ WOLF_STACK_OF(WOLFSSL_CIPHER)* wolfSSL_get_client_ciphers(WOLFSSL* ssl)
else { else {
add->num = 1; add->num = 1;
} }
ret = add; ssl->clSuitesStack = ret = add;
} }
} }
} }

4
tests/api.c
View File

@ -61401,8 +61401,8 @@ static int test_wolfSSL_get_client_ciphers(void)
test_ssl_cbf server_cb; test_ssl_cbf server_cb;
test_ssl_cbf client_cb; test_ssl_cbf client_cb;
XMEMSET(&client_cb, 0, sizeof(callback_functions)); XMEMSET(&client_cb, 0, sizeof(test_ssl_cbf));
XMEMSET(&server_cb, 0, sizeof(callback_functions)); XMEMSET(&server_cb, 0, sizeof(test_ssl_cbf));
client_cb.method = wolfSSLv23_client_method; client_cb.method = wolfSSLv23_client_method;
server_cb.method = wolfSSLv23_server_method; server_cb.method = wolfSSLv23_server_method;
client_cb.devId = testDevId; client_cb.devId = testDevId;

2
wolfssl/internal.h
View File

@ -5792,6 +5792,8 @@ struct WOLFSSL {
defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
WOLF_STACK_OF(WOLFSSL_CIPHER)* suitesStack; /* stack of available cipher WOLF_STACK_OF(WOLFSSL_CIPHER)* suitesStack; /* stack of available cipher
* suites */ * suites */
WOLF_STACK_OF(WOLFSSL_CIPHER)* clSuitesStack; /* stack of client cipher
* suites */
#endif #endif
Arrays* arrays; Arrays* arrays;
#ifdef WOLFSSL_TLS13 #ifdef WOLFSSL_TLS13