
List:       squid-cvs
Subject:    /bzr/squid3/trunk/ r12761: Bug 3817: Memory leak in SSL cert validate for alt_name peer certs
From:       Christos Tsantilas <chtsanti () users ! sourceforge ! net>
Date:       2013-04-17 8:14:56
Message-ID: 20130417082005.6283.qmail () squid-cache ! org

--===============1188610898==
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

------------------------------------------------------------
revno: 12761
fixes bug(s): http://bugs.squid-cache.org/show_bug.cgi?id=3817
committer: Christos Tsantilas <chtsanti@users.sourceforge.net>
branch nick: trunk
timestamp: Wed 2013-04-17 11:14:56 +0300
message:
  Bug 3817: Memory leak in SSL cert validate for alt_name peer certs
  
  Inside function Ssl::matchX509CommonNames which checks a domain name against
  certificate common name and alternate names, if the domain matches any of the
  alternate names the function returns without releasing allocated data.
modified:
  src/ssl/support.cc

--===============1188610898==
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; name="r12761.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

=== modified file 'src/ssl/support.cc'
--- a/src/ssl/support.cc	2013-01-30 15:39:37 +0000
+++ b/src/ssl/support.cc	2013-04-17 08:14:56 +0000
@@ -191,8 +191,10 @@
             }
             ASN1_STRING *cn_data = check->d.dNSName;
 
-            if ( (*check_func)(check_data, cn_data) == 0)
+            if ( (*check_func)(check_data, cn_data) == 0) {
+                sk_GENERAL_NAME_pop_free(altnames, GENERAL_NAME_free);
                 return 1;
+            }
         }
         sk_GENERAL_NAME_pop_free(altnames, GENERAL_NAME_free);
     }
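
Review bot: The match branch now carries its own copy of `sk_GENERAL_NAME_pop_free(altnames, GENERAL_NAME_free);` right before `return 1;`, duplicating the cleanup that already follows the loop, so any early exit added to this loop later would leak `altnames` again. Consider recording the match in a local result and leaving the loop with `break`, so the single `sk_GENERAL_NAME_pop_free` call after the loop frees the stack on every path, or hold `altnames` in a scoped owner that frees it on destruction. The code after the closing brace is not visible in this hunk, so with the `break` approach the result would need to be checked there before falling through.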


--===============1188610898==--