fix memory leak

wolfSSL · Jul 24, 2024 · 3e5553d · 3e5553d
1 parent 671a503
commit 3e5553d
Showing 1 changed file with 9 additions and 2 deletions.
diff --git a/src/tls.c b/src/tls.c
@@ -3135,7 +3135,7 @@ static void TLSX_CSR_Free(CertificateStatusRequest* csr, void* heap)
 #ifdef WOLFSSL_TLS13
     for(i = 0; i < (1 + MAX_CHAIN_DEPTH);i++) {
         if (csr->responses[i].buffer != NULL) {
-            XFREE(csr->responses[i].buffer, csr->ssl->heap,
+            XFREE(csr->responses[i].buffer, heap,
                 DYNAMIC_TYPE_TMP_BUFFER);
         }
     }
@@ -3461,6 +3461,12 @@ static int TLSX_CSR_Parse(WOLFSSL* ssl, const byte* input, word16 length,
 
             request = &csr->request.ocsp[0];
             ret = CreateOcspResponse(ssl, &request, &csr->responses[0]);
+            if (request != &csr->request.ocsp[0] &&
+                    ssl->buffers.weOwnCert) {
+                /* request will be allocated in CreateOcspResponse() */
+                FreeOcspRequest(request);
+                XFREE(request, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST);
+            }
             if (ret != 0)
                 return ret;
             if (csr->responses[0].buffer)
@@ -3486,7 +3492,7 @@ static int TLSX_CSR_Parse(WOLFSSL* ssl, const byte* input, word16 length,
 
                         if (pos > chain->length)
                             break;
-
+                        request = &csr->request.ocsp[i + 1];
                         ret = CreateOcspRequest(ssl, request, cert, der.buffer,
                                                der.length);
                         if (ret == 0 && request == ssl->ctx->certOcspRequest) {
@@ -3503,6 +3509,7 @@ static int TLSX_CSR_Parse(WOLFSSL* ssl, const byte* input, word16 length,
                                 ret = 0;
                             }
                             i++;
+                            csr->requests++;
                         }
                     }
                 }