PR: 2073

Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org

Don't access freed SSL_CTX in SSL_free().

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 49f8ca46d1d2ba637548dd9e3550227c7e4e8674..b3b356d5ab0ac5d3c867da77b1097438015683bc 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -556,7 +556,6 @@ void SSL_free(SSL *s)
        if (s->cert != NULL) ssl_cert_free(s->cert);
        /* Free up if allocated */
 
-       if (s->ctx) SSL_CTX_free(s->ctx);
 #ifndef OPENSSL_NO_TLSEXT
        if (s->tlsext_hostname)
                OPENSSL_free(s->tlsext_hostname);
@@ -580,6 +579,8 @@ void SSL_free(SSL *s)
 
        if (s->method != NULL) s->method->ssl_free(s);
 
+       if (s->ctx) SSL_CTX_free(s->ctx);
+
 #ifndef        OPENSSL_NO_KRB5
        if (s->kssl_ctx != NULL)
                kssl_ctx_free(s->kssl_ctx);