
Missing resource release of function SSL_CTX_new() #81

@lc3412


Hi,

I find that several error handling sites forget to free the resource which is allocated by function SSL_CTX_new(). See the following code: at line 128, function SSL_CTX_new() allocates the resource. However, several follow-up error handling sites forget to free the resource that is allocated by SSL_CTX_new(), including the handling actions of function SSL_new() (line 170 - line 172), SSL_set_fd() (line 181 - line 183), SSL_connect() (line 189 - line 191), and SSL_get_peer_certificate() (line 197 - line 199). For example, function SSL_new() does the handling actions: print the log message, then propagate the error code; it therefore misses the resource release action related to SSL_CTX_new(). This causes a missing resource release bug about function SSL_CTX_new().

function SSL_CTX_new() call site:

dma/crypto.c

Line 128 in 14ea7d7

ctx = SSL_CTX_new(meth);

follow-up handling actions:

dma/crypto.c

Lines 168 to 173 in 14ea7d7

config.ssl = SSL_new(ctx);
if (config.ssl == NULL) {
    syslog(LOG_NOTICE, "remote delivery deferred: SSL struct creation failed: %s",
           ssl_errstr());
    return (1);
}

dma/crypto.c

Lines 179 to 184 in 14ea7d7

error = SSL_set_fd(config.ssl, fd);
if (error == 0) {
    syslog(LOG_NOTICE, "remote delivery deferred: SSL set fd failed: %s",
           ssl_errstr());
    return (1);
}

dma/crypto.c

Lines 187 to 192 in 14ea7d7

error = SSL_connect(config.ssl);
if (error != 1) {
    syslog(LOG_ERR, "remote delivery deferred: SSL handshake failed fatally: %s",
           ssl_errstr());
    return (1);
}

dma/crypto.c

Lines 195 to 200 in 14ea7d7

cert = SSL_get_peer_certificate(config.ssl);
if (cert == NULL) {
    syslog(LOG_WARNING, "remote delivery deferred: Peer did not provide certificate: %s",
           ssl_errstr());
    return (1);
}

======================================================================

Furthermore, I checked the usages of SSL_CTX_new() in other projects, for instance in the OpenSSL project at apps/ciphers.c. See the following code: in the end, the resource allocated by SSL_CTX_new() is freed by the action SSL_CTX_free(ctx) (line 280):

line 195:    ctx = SSL_CTX_new(meth);
...
line 223:    ssl = SSL_new(ctx);
line 224:    if (ssl == NULL)
line 225:        goto err;
...
line 275: err:
line 276:    ERR_print_errors(bio_err);
line 277: end:
line 278:    if (use_supported)
line 279:        sk_SSL_CIPHER_free(sk);
line 280:    SSL_CTX_free(ctx);
line 281:    SSL_free(ssl);
line 282:    return ret;

Ref: https://github.com/openssl/openssl/blob/master/apps/ciphers.c
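
The single cleanup label used in the apps/ciphers.c excerpt, set beside the early-return shape of the reported error sites, with a counter that shows what is still allocated when each step fails. This is an added example, not code from the issue, dma or OpenSSL; `obj_new()`, `obj_free()`, `fail_at`, `leaked_after()` and both `secure_*` functions are hypothetical stand-ins so it builds without libssl.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-ins for the OpenSSL objects, so this builds without libssl. */
static int live;    /* objects allocated and not yet released */
static void *obj_new(int fails) { if (fails) return NULL; live++; return malloc(1); }
static void obj_free(void *p) { if (p != NULL) { live--; free(p); } }

/* fail_at: 0 none, 1 SSL_new, 2 SSL_set_fd, 3 SSL_connect, 4 SSL_get_peer_certificate */
static int secure_leaky(int fail_at)    /* early return at every error site */
{
    void *ctx = obj_new(0);             /* stands in for SSL_CTX_new() */
    void *ssl = obj_new(fail_at == 1);  /* stands in for SSL_new(ctx) */
    if (ctx == NULL || ssl == NULL)
        return (1);                     /* ctx is never released */
    if (fail_at >= 2)                   /* set_fd, connect or peer cert check failed */
        return (1);
    return (0);
}

static int secure_fixed(int fail_at)    /* same steps, one cleanup label */
{
    void *ctx = obj_new(0), *ssl = NULL;
    if (ctx == NULL || (ssl = obj_new(fail_at == 1)) == NULL)
        goto err;
    if (fail_at >= 2)
        goto err;
    return (0);                         /* session stays open for the caller */
err:
    obj_free(ssl);                      /* stands in for SSL_free() */
    obj_free(ctx);                      /* stands in for SSL_CTX_free() */
    return (1);
}

static int leaked_after(int (*fn)(int), int fail_at)
{
    live = 0;
    (void)fn(fail_at);
    return live;                        /* objects still allocated on return */
}

int main(void)
{
    for (int k = 1; k <= 4; k++)
        printf("fail_at=%d leaky=%d fixed=%d\n", k,
            leaked_after(secure_leaky, k), leaked_after(secure_fixed, k));
    return 0;
}
```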
