There is a memory leak defect at line 95 of the file /openssl/ssl/quic/quic_trace.c. #24340
Labels
branch: master
Merge to master branch
branch: 3.2
Merge to openssl-3.2
branch: 3.3
Merge to openssl-3.3
good first issue
Bite size change that could be a good start
triaged: bug
The issue/pr is/fixes a bug
At line 79 of the file /openssl/ssl/quic/quic_trace.c, a pointer variable named ack_ranges is defined. This variable allocates a dynamic memory region via the function OPENSSL_zalloc at line 86. Since the function OPENSSL_zalloc at line 86 is within an if statement, when this if statement returns false, it indicates successful allocation of the dynamic memory region pointed to by ack_ranges. Subsequently, at line 90, the program assigns the dynamic memory region pointed to by ack_ranges to ack.ack_ranges. Similarly, ack is also a local variable defined within this function. When the if statement at line 94 returns true, the program will return at line 95 without executing the release operation for the dynamic memory region pointed to by ack_ranges at line 115. This constitutes a memory leak defect, as illustrated in the following diagram:
https://github.com/LuMingYinDetect/openssl_defects/blob/main/openssl_21.png
The text was updated successfully, but these errors were encountered: