Fix a ssl session leak due to OOM in lh_SSL_SESSION_insert

- s == NULL can mean c is a new session *or* lh_insert was unable to create a hash entry. - use lh_SSL_SESSION_retrieve to check for this error condition. - If it happens simply remove the extra reference again. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2138)
2024-11-27 05:21:51 +08:00 · 2016-12-22 20:17:29 +01:00 · 2016-12-22 20:17:29 +01:00 · 38088ce993
commit 38088ce993
parent c2114afc16
1 changed files with 9 additions and 0 deletions
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@ -678,6 +678,15 @@ int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
         * obtain the same session from an external cache)
         */
        s = NULL;
+    } else if (s == NULL &&
+               lh_SSL_SESSION_retrieve(ctx->sessions, c) == NULL) {
+        /* s == NULL can also mean OOM error in lh_SSL_SESSION_insert ... */
+
+        /*
+         * ... so take back the extra reference and also don't add
+         * the session to the SSL_SESSION_list at this time
+         */
+        s = c;
    }

    /* Put at the head of the queue unless it is already in the cache */