From: tb <tb@openbsd.org>
Date: Tue, 30 Aug 2022 18:23:40 +0000 (+0000)
Subject: Plug leak of BIO in tls13_quic_init()
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=2b36837771e0e0ba37141c12e5b918e98b0b655e;p=openbsd

Plug leak of BIO in tls13_quic_init()

If rbio and wbio are the same, SSL_free() only frees one BIO, so the
BIO_up_ref() before SSL_set_bio() leads to a leak.

ok jsing
---

diff --git a/lib/libssl/tls13_quic.c b/lib/libssl/tls13_quic.c
index 92bbb011c82..bb7317d4c51 100644
--- a/lib/libssl/tls13_quic.c
+++ b/lib/libssl/tls13_quic.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: tls13_quic.c,v 1.5 2022/08/27 09:12:55 jsing Exp $ */
+/*	$OpenBSD: tls13_quic.c,v 1.6 2022/08/30 18:23:40 tb Exp $ */
 /*
  * Copyright (c) 2022 Joel Sing <jsing@openbsd.org>
  *
@@ -175,7 +175,6 @@ tls13_quic_init(struct tls13_ctx *ctx)
 	if ((bio = BIO_new(BIO_s_null())) == NULL)
 		return 0;
 
-	BIO_up_ref(bio);
 	SSL_set_bio(ctx->ssl, bio, bio);
 	bio = NULL;