From 6a48b0c38ff11d2c7f4e0b244a3aa011fd3bc6a5 Mon Sep 17 00:00:00 2001 From: tb Date: Sun, 19 Aug 2018 20:07:06 +0000 Subject: [PATCH] Don't leak a strdup()'ed string on error in do_accept(). CID #154702. input & ok inoguchi, ok mestre on first version --- usr.bin/openssl/s_socket.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/usr.bin/openssl/s_socket.c b/usr.bin/openssl/s_socket.c index d3aff1b3bb5..62b32d39363 100644 --- a/usr.bin/openssl/s_socket.c +++ b/usr.bin/openssl/s_socket.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s_socket.c,v 1.9 2018/02/07 05:47:55 jsing Exp $ */ +/* $OpenBSD: s_socket.c,v 1.10 2018/08/19 20:07:06 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -276,11 +276,13 @@ do_accept(int acc_sock, int *sock, char **host) if (h2 == NULL) { BIO_printf(bio_err, "gethostbyname failure\n"); close(ret); + free(*host); return (0); } if (h2->h_addrtype != AF_INET) { BIO_printf(bio_err, "gethostbyname addr is not AF_INET\n"); close(ret); + free(*host); return (0); } } -- 2.20.1