[openssl/openssl] 39fad0: ssl/statem/statem_dtls.c: fix leak in dtls1_buffer...
0 views
Skip to first unread message
Huihui Huang
Mar 21, 2026, 7:31:38 PM (3 days ago) Mar 21
to openssl...@openssl.org
Branch: refs/heads/openssl-3.4
Home: https://github.com/openssl/openssl
Commit: 39fad0c6a0446e1508c5672380b70f4ea18913c5
https://github.com/openssl/openssl/commit/39fad0c6a0446e1508c5672380b70f4ea18913c5
Author: huanghuihui0904 <625...@qq.com>
Date: 2026-03-22 (Sun, 22 Mar 2026)
Changed paths:
M ssl/statem/statem_dtls.c
Log Message:
-----------
ssl/statem/statem_dtls.c: fix leak in dtls1_buffer_message()
pqueue_insert() may fail, but its return value was not checked. This could leak the allocated pitem and handshake fragment. Free them when insertion fails, using pitem_free() for proper cleanup.
Solves https://github.com/openssl/openssl/issues/30442
Fixes #30442
Signed-off-by: huanghuihui0904 <625...@qq.com>
Reviewed-by: Matt Caswell <ma...@openssl.foundation>
Reviewed-by: Frederik Wedel-Heinen <fwh.o...@gmail.com>
Reviewed-by: Eugene Syromiatnikov <es...@openssl.org>
MergeDate: Sat Mar 21 23:28:17 2026
(Merged from https://github.com/openssl/openssl/pull/30443)
To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
Home: https://github.com/openssl/openssl
Commit: 39fad0c6a0446e1508c5672380b70f4ea18913c5
https://github.com/openssl/openssl/commit/39fad0c6a0446e1508c5672380b70f4ea18913c5
Author: huanghuihui0904 <625...@qq.com>
Date: 2026-03-22 (Sun, 22 Mar 2026)
Changed paths:
M ssl/statem/statem_dtls.c
Log Message:
-----------
ssl/statem/statem_dtls.c: fix leak in dtls1_buffer_message()
pqueue_insert() may fail, but its return value was not checked. This could leak the allocated pitem and handshake fragment. Free them when insertion fails, using pitem_free() for proper cleanup.
Solves https://github.com/openssl/openssl/issues/30442
Fixes #30442
Signed-off-by: huanghuihui0904 <625...@qq.com>
Reviewed-by: Matt Caswell <ma...@openssl.foundation>
Reviewed-by: Frederik Wedel-Heinen <fwh.o...@gmail.com>
Reviewed-by: Eugene Syromiatnikov <es...@openssl.org>
MergeDate: Sat Mar 21 23:28:17 2026
(Merged from https://github.com/openssl/openssl/pull/30443)
To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
Reply all
Reply to author
Forward
0 new messages