app-layer-ssl: fix use-after-free (CID 1433623)

Ja3BufferAddValue frees the buffer on error, so there is no point in doing it twice (use-after-free).
8 years ago · 900c27e235
parent fc0e339467
commit 900c27e235
1 changed files with 0 additions and 1 deletions
--- a/src/app-layer-ssl.c
+++ b/src/app-layer-ssl.c
@ -660,7 +660,6 @@ static inline int TLSDecodeHSHelloCipherSuites(SSLState *ssl_state,
            if (TLSDecodeValueIsGREASE(cipher_suite) != 1) {
                rc = Ja3BufferAddValue(ja3_cipher_suites, cipher_suite);
                if (rc != 0) {
-                    Ja3BufferFree(&ja3_cipher_suites);
                    return -1;
                }
            }