From c6890d518edabf85766ac2fc81c0cc15a5776730 Mon Sep 17 00:00:00 2001 From: Eric Blankenhorn Date: Fri, 29 Jun 2018 09:44:01 -0500 Subject: [PATCH 1/2] Fix resource leak in wolfSSL_BN_hex2bn --- src/ssl.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/ssl.c b/src/ssl.c index 22117db4f..a45b2e1ac 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -22184,8 +22184,10 @@ int wolfSSL_BN_hex2bn(WOLFSSL_BIGNUM** bn, const char* str) if (*bn == NULL) WOLFSSL_MSG("BN new failed"); - else if (wolfSSL_BN_bin2bn(decoded, decSz, *bn) == NULL) + else if (wolfSSL_BN_bin2bn(decoded, decSz, *bn) == NULL) { WOLFSSL_MSG("Bad bin2bn error"); + wolfSSL_BN_free(*bn); /* Free new BN */ + } else ret = WOLFSSL_SUCCESS; } From ebb3eb87d13946727e0adfd30e5c0c7c9ba48047 Mon Sep 17 00:00:00 2001 From: Eric Blankenhorn Date: Fri, 29 Jun 2018 11:02:10 -0500 Subject: [PATCH 2/2] Update from review --- src/ssl.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index a45b2e1ac..f4abf11a4 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -22163,6 +22163,7 @@ int wolfSSL_BN_hex2bn(WOLFSSL_BIGNUM** bn, const char* str) #else byte decoded[1024]; #endif + int weOwn = 0; WOLFSSL_MSG("wolfSSL_BN_hex2bn"); @@ -22179,14 +22180,20 @@ int wolfSSL_BN_hex2bn(WOLFSSL_BIGNUM** bn, const char* str) else if (bn == NULL) ret = decSz; else { - if (*bn == NULL) + if (*bn == NULL) { *bn = wolfSSL_BN_new(); + if (*bn != NULL) { + weOwn = 1; + } + } if (*bn == NULL) WOLFSSL_MSG("BN new failed"); else if (wolfSSL_BN_bin2bn(decoded, decSz, *bn) == NULL) { WOLFSSL_MSG("Bad bin2bn error"); - wolfSSL_BN_free(*bn); /* Free new BN */ + if (weOwn == 1) { + wolfSSL_BN_free(*bn); /* Free new BN */ + } } else ret = WOLFSSL_SUCCESS;