Fix memory leak in ssl_cache
diff --git a/ChangeLog b/ChangeLog
index 39d0c6b..591a91c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,7 +3,7 @@
 = PolarSSL 1.3 branch
 Features
    * HMAC-DRBG as a separate module
-   * Option to set the Curve preference order
+   * Option to set the Curve preference order (disabled by default)
    * Single Platform compatilibity layer (for memory / printf / fprintf)
    * Ability to provide alternate timing implementation
    * Ability to force the entropy module to use SHA-256 as its basis
@@ -33,11 +33,12 @@
    * Programs rsa_sign_pss and rsa_verify_pss were not using PSS since 1.3.0
    * Bignum's MIPS-32 assembly was used on MIPS-64, causing chaos. (Found by
      Alex Wilson.)
-   * Fixed bug in ssl_cache: when max_entries = 0 and TIMING_C is enabled,
-     entries would still be created.
-   * Fixed bug in m_sleep: whould sleep twice too long on most Unix platforms.
+   * ssl_cache was creating entries when max_entries=0 if TIMING_C was enabled.
+   * m_sleep() was sleeping twice too long on most Unix platforms.
    * Fixed bug with session tickets and non-blocking I/O in the unlikely case
    send() would return an EAGAIN error when sending the ticket.
+   * ssl_cache was leaking memory when reusing a timed out entry containing a
+   client certificate.
 
 = PolarSSL 1.3.4 released on 2014-01-27
 Features
diff --git a/library/ssl_cache.c b/library/ssl_cache.c
index d94a7d9..4c7d3db 100644
--- a/library/ssl_cache.c
+++ b/library/ssl_cache.c
@@ -195,14 +195,6 @@
             }
 
             cur = old;
-            memset( &cur->session, 0, sizeof(ssl_session) );
-#if defined(POLARSSL_X509_CRT_PARSE_C)
-            if( cur->peer_cert.p != NULL )
-            {
-                polarssl_free( cur->peer_cert.p );
-                memset( &cur->peer_cert, 0, sizeof(x509_buf) );
-            }
-#endif /* POLARSSL_X509_CRT_PARSE_C */
         }
 #else /* POLARSSL_HAVE_TIME */
         /*
@@ -219,16 +211,7 @@
 
             cur = cache->chain;
             cache->chain = cur->next;
-
-#if defined(POLARSSL_X509_CRT_PARSE_C)
-            if( cur->peer_cert.p != NULL )
-            {
-                polarssl_free( cur->peer_cert.p );
-                memset( &cur->peer_cert, 0, sizeof(x509_buf) );
-            }
-#endif /* POLARSSL_X509_CRT_PARSE_C */
-
-            memset( cur, 0, sizeof(ssl_cache_entry) );
+            cur->next = NULL;
             prv->next = cur;
         }
 #endif /* POLARSSL_HAVE_TIME */
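Review bot: Removing `memset( cur, 0, sizeof(ssl_cache_entry) )` at this eviction site leaves the recycled entry holding the previous session's contents, which the old code wiped along with the certificate. The `POLARSSL_HAVE_TIME` branch in the hunk at -195 loses its `memset( &cur->session, 0, sizeof(ssl_session) )` in the same way. This is only safe if the code after the `#endif` overwrites `cur->session` in full before any error exit can be taken; that code is outside this hunk, so it should be confirmed. If an early exit is reachable first, the entry stays linked in the chain with a stale session id and key material. A short comment here would record the dependency, for example `/* session and peer_cert are reset below, before the entry is filled */`.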
@@ -261,6 +244,15 @@
 
 #if defined(POLARSSL_X509_CRT_PARSE_C)
     /*
+     * If we're reusing an entry, free its certificate first
+     */
+    if( cur->peer_cert.p != NULL )
+    {
+        polarssl_free( cur->peer_cert.p );
+        memset( &cur->peer_cert, 0, sizeof(x509_buf) );
+    }
+
+    /*
      * Store peer certificate
      */
     if( session->peer_cert != NULL )
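Review bot: The new `if( cur->peer_cert.p != NULL )` test now runs for every entry that reaches this point, including freshly allocated ones, so it relies on the allocation path having zeroed the entry; that path is not visible in this hunk. If a new entry were ever left uninitialised, `polarssl_free( cur->peer_cert.p )` would free a garbage pointer. I would state the invariant in the comment, for example `/* If we're reusing an entry, free its certificate first (new entries are zeroed on allocation, so p is NULL) */`, after confirming it holds. The enclosing function continues beyond the end of the hunk.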