Hi,=20

I suggest this quick patch in ssl/t1_enc.c, to avoid memory leaks (all
OS, all openssl versions):

476c476,479
< goto err;
---
> {
> OPENSSL_free(p1); =20
> goto err;
> }


New code:
if ((p1=3D(unsigned char *)OPENSSL_malloc(num)) =3D=3D NULL)
goto err;
if ((p2=3D(unsigned char *)OPENSSL_malloc(num)) =3D=3D NULL)
{
OPENSSL_free(p1); =20
goto err;
}


Thanks
Eric


__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org