In newSSLObject(), initialize the various members of an SSLObject to NULL.

In SSL_dealloc(), free/dealloc them only if they're non-NULL.

Fixes some obvious core dumps, but not sure yet if there are more
semantics to the SSL calls that would affect the dealloc.

1 files changed, 8 insertions, 2 deletions

diff --git a/Modules/socketmodule.c b/Modules/socketmodule.c
index 6e8cd0d..5628d73 100644
--- a/Modules/socketmodule.c
+++ b/Modules/socketmodule.c
@@ -2507,6 +2507,10 @@ newSSLObject(PySocketSockObject *Sock, char *key_file, char *cert_file)
 	}
 	memset(self->server, '\0', sizeof(char) * 256);
 	memset(self->issuer, '\0', sizeof(char) * 256);
+	self->server_cert = NULL;
+	self->ssl = NULL;
+	self->ctx = NULL;
+	self->Socket = NULL;
 
 	self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
 	if (self->ctx == NULL) {
@@ -2618,8 +2622,10 @@ static void SSL_dealloc(SSLObject *self)
 {
 	if (self->server_cert)	/* Possible not to have one? */
 		X509_free (self->server_cert);
-	SSL_free(self->ssl);
-	SSL_CTX_free(self->ctx);
+	if (self->ssl)
+	    SSL_free(self->ssl);
+	if (self->ctx)
+	    SSL_CTX_free(self->ctx);
 	Py_XDECREF(self->Socket);
 	PyObject_Del(self);
 }