From 957930d5c64a47b642cb0c3245f8a11072e39922 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Sun, 29 Jan 2017 18:51:35 +0200 Subject: [PATCH] Backport 2.1:Resource leak in ssl_cookie and mutex When using ssl_cookie with MBEDTLS_THREADING_C, fix a resource leak caused by initiating a mutex in mbedtls_ssl_cookie_free instead of freeing it. Raised and fix suggested by lan Gillingham in the mbed TLS forum Tracked in #771 --- ChangeLog | 2 ++ library/ssl_cookie.c | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 4f6bd32ae..3cf857da5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -17,6 +17,8 @@ Bugfix * Fixed the templates used to generate project and solution files for Visual Studio 2015 as well as the files themselves, to remove a build warning generated in Visual Studio 2015. Reported by Steve Valliere. #742 + * Fix a resource leak in ssl_cookie, when using MBEDTLS_THREADING_C. + Raised and fix suggested by Alan Gillingham in the mbed TLS forum. #771 = mbed TLS 2.1.6 branch released 2016-10-17 diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index 7e0c573ad..786af6d4a 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -98,7 +98,7 @@ void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx ) mbedtls_md_free( &ctx->hmac_ctx ); #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init( &ctx->mutex ); + mbedtls_mutex_free( &ctx->mutex ); #endif mbedtls_zeroize( ctx, sizeof( mbedtls_ssl_cookie_ctx ) );