From a6cc9af1fcdd1a134dfe8f3d593192a5745d9889 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh
Date: Wed, 10 Jul 2019 17:07:16 -0600
Subject: [PATCH] free old peer RSA key in secure renegotiation when getting new one
---
 src/internal.c | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/src/internal.c b/src/internal.c
index c0f303b6e..0964e1369 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -10102,6 +10102,15 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
 ssl->peerRsaKeyPresent = 1;
 #ifdef HAVE_PK_CALLBACKS
 #ifndef NO_RSA
+ #ifdef HAVE_SECURE_RENEGOTIATION
+ if (ssl->buffers.peerRsaKey.buffer) {
+ XFREE(ssl->buffers.peerRsaKey.buffer,
+ ssl->heap, DYNAMIC_TYPE_RSA);
+ ssl->buffers.peerRsaKey.buffer = NULL;
+ }
+ #endif
+
+
 ssl->buffers.peerRsaKey.buffer =
 (byte*)XMALLOC(args->dCert->pubKeySize,
 ssl->heap, DYNAMIC_TYPE_RSA);
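Review bot: The free of the previous `ssl->buffers.peerRsaKey.buffer` is compiled only under `HAVE_SECURE_RENEGOTIATION`, yet the unconditional overwrite by the `XMALLOC` result just below would leak the old buffer on any path that reaches this code a second time for the same `WOLFSSL` object. Since the `if` already makes the free a no-op on a first handshake, I would drop the `#ifdef HAVE_SECURE_RENEGOTIATION` / `#endif` pair, so that a repeated peer certificate message cannot grow the heap in any build; whether such a path exists without renegotiation is not visible here, so treat this as hardening rather than a confirmed leak. The stored size is also left untouched while the pointer is cleared, so if the allocation fails a consumer may see a NULL buffer with a stale length; consider `ssl->buffers.peerRsaKey.length = 0;` beside the NULL assignment, and confirm against the failure handling, which is outside the hunk. A short comment above the `if`, such as `/* release the key kept from the previous handshake before replacing it */`, would record why the free is needed. ProcessPeerCerts begins and ends outside the hunk.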