Merge pull request #10210 from ColtonWilley/fix-scr-dangling-ptr-after-tlsx-freeall

Fix dangling secure_renegotiation pointer after TLSX_FreeAll
This commit is contained in:
JacobBarthelmeh
2026-04-23 13:58:24 -06:00
committed by GitHub
3 changed files with 47 additions and 0 deletions
+9
View File
@@ -8976,6 +8976,11 @@ void wolfSSL_ResourceFree(WOLFSSL* ssl)
#ifdef HAVE_TLS_EXTENSIONS
#if !defined(NO_TLS)
TLSX_FreeAll(ssl->extensions, ssl->heap);
ssl->extensions = NULL;
#if defined(HAVE_SECURE_RENEGOTIATION) \
|| defined(HAVE_SERVER_RENEGOTIATION_INFO)
ssl->secure_renegotiation = NULL;
#endif
#endif /* !NO_TLS */
#ifdef HAVE_ALPN
if (ssl->alpn_peer_requested != NULL) {
@@ -9339,6 +9344,10 @@ void FreeHandshakeResources(WOLFSSL* ssl)
/* Some extensions need to be kept for post-handshake querying. */
TLSX_FreeAll(ssl->extensions, ssl->heap);
ssl->extensions = NULL;
#if defined(HAVE_SECURE_RENEGOTIATION) \
|| defined(HAVE_SERVER_RENEGOTIATION_INFO)
ssl->secure_renegotiation = NULL;
#endif
#else
#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG)
TLSX_Remove(&ssl->extensions, TLSX_SIGNATURE_ALGORITHMS, ssl->heap);
+4
View File
@@ -10072,6 +10072,10 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
#if defined(HAVE_TLS_EXTENSIONS) && !defined(NO_TLS)
TLSX_FreeAll(ssl->extensions, ssl->heap);
ssl->extensions = NULL;
#if defined(HAVE_SECURE_RENEGOTIATION) \
|| defined(HAVE_SERVER_RENEGOTIATION_INFO)
ssl->secure_renegotiation = NULL;
#endif
#endif
if (ssl->keys.encryptionOn) {