From c9da8d408402c32c380cd7f77beb0691cec7876a Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Fri, 15 Nov 2019 12:26:44 -0700 Subject: [PATCH] Avoid calling SSL_CTX_free() on an uninitialized pointer in an error path. --- logsrvd/sendlog.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/logsrvd/sendlog.c b/logsrvd/sendlog.c index 8074cb820..317df14dd 100644 --- a/logsrvd/sendlog.c +++ b/logsrvd/sendlog.c @@ -115,7 +115,7 @@ static SSL_CTX * init_tls_client_context(const char *ca_bundle_file, const char *cert_file, const char *key_file) { const SSL_METHOD *method; - SSL_CTX *ctx; + SSL_CTX *ctx = NULL; debug_decl(init_tls_client_context, SUDO_DEBUG_UTIL) @@ -164,8 +164,7 @@ init_tls_client_context(const char *ca_bundle_file, const char *cert_file, const goto exit; bad: - if (ctx) - SSL_CTX_free(ctx); + SSL_CTX_free(ctx); exit: return ctx;