There is a memory leak defect at line 3232 of the file /openssl/ssl/statem/statem_srvr.c. #24341
Labels
branch: master
Merge to master branch
branch: 3.0
Merge to openssl-3.0 branch
branch: 3.1
Merge to openssl-3.1
branch: 3.2
Merge to openssl-3.2
branch: 3.3
Merge to openssl-3.3
good first issue
Bite size change that could be a good start
triaged: bug
The issue/pr is/fixes a bug
Comments
paulidale
added
triaged: bug
|
I wonder why Coverity isn't catching these. |
This is probably code not built in the coverity builds. |
t8m
added
branch: master
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
At line 3197 of the file /openssl/ssl/statem/statem_srvr.c, a pointer variable named pkey_ctx is defined. This variable allocates a dynamic memory region through the function EVP_PKEY_CTX_new_from_pkey at line 3225. When the if statement at line 3226 returns false, it indicates that the dynamic memory region pointed to by pkey_ctx has been successfully allocated. However, if the if statement at line 3230 returns true, the program will return at line 3232 without executing the release operation for the dynamic memory region pointed to by pkey_ctx at line 3287. This leads to a memory leak defect, as shown in the diagram below:
https://github.com/LuMingYinDetect/openssl_defects/blob/main/openssl_22.png
The text was updated successfully, but these errors were encountered: