rpms/curl
7
0
Fork 1
Code Issues Pull Requests Releases Activity

nss: avoid memory leak on SSL connection failure

Browse Source
This commit is contained in:
Kamil Dudka 2011-02-17 17:43:52 +01:00
parent 4fddd46419
commit 579095349b
2 changed files with 53 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
0001-curl-7.21.4-a40f58d.patch Normal file
View File

@ -0,0 +1,46 @@
From 292debd50217ca5e548d8e4b5b2ce93014884f6d Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Thu, 17 Feb 2011 17:37:24 +0100
Subject: [PATCH] nss: avoid memory leak on SSL connection failure
---
lib/nss.c | 9 ++++++++-
1 files changed, 8 insertions(+), 1 deletions(-)
diff --git a/lib/nss.c b/lib/nss.c
index e115ac9..d26ad5b 100644
--- a/lib/nss.c
+++ b/lib/nss.c
@@ -1058,6 +1058,7 @@ void Curl_nss_close(struct connectdata *conn, int sockindex)
#ifdef HAVE_PK11_CREATEGENERICOBJECT
/* destroy all NSS objects in order to avoid failure of NSS shutdown */
Curl_llist_destroy(connssl->obj_list, NULL);
+ connssl->obj_list = NULL;
#endif
connssl->handle = NULL;
}
@@ -1216,7 +1217,7 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
/* make the socket nonblocking */
sock_opt.option = PR_SockOpt_Nonblocking;
sock_opt.value.non_blocking = PR_TRUE;
- if(PR_SetSocketOption(model, &sock_opt) != SECSuccess)
+ if(PR_SetSocketOption(model, &sock_opt) != PR_SUCCESS)
goto error;
if(SSL_OptionSet(model, SSL_SECURITY, PR_TRUE) != SECSuccess)
@@ -1407,6 +1408,12 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
if(model)
PR_Close(model);
+#ifdef HAVE_PK11_CREATEGENERICOBJECT
+ /* cleanup on connection failure */
+ Curl_llist_destroy(connssl->obj_list, NULL);
+ connssl->obj_list = NULL;
+#endif
+
if (ssl3 && tlsv1 && isTLSIntoleranceError(err)) {
/* schedule reconnect through Curl_retry_request() */
data->state.ssl_connect_retry = TRUE;
--
1.7.4

7
curl.spec
View File

@ -8,6 +8,9 @@ Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma
Source2: curlbuild.h Source2: curlbuild.h
Source3: hide_selinux.c Source3: hide_selinux.c
# avoid memory leak on SSL connection failure
Patch1: 0001-curl-7.21.4-a40f58d.patch
# patch making libcurl multilib ready # patch making libcurl multilib ready
Patch101: 0101-curl-7.21.1-multilib.patch Patch101: 0101-curl-7.21.1-multilib.patch
@ -103,6 +106,9 @@ for f in CHANGES README; do
mv -f ${f}.utf8 ${f} mv -f ${f}.utf8 ${f}
done done
# upstream patches (already applied)
%patch1 -p1
# Fedora patches # Fedora patches
%patch101 -p1 %patch101 -p1
%patch102 -p1 %patch102 -p1
@ -216,6 +222,7 @@ rm -rf $RPM_BUILD_ROOT
%changelog %changelog
* Thu Feb 17 2011 Kamil Dudka <kdudka@redhat.com> 7.21.4-1 * Thu Feb 17 2011 Kamil Dudka <kdudka@redhat.com> 7.21.4-1
- new upstream release - new upstream release
- avoid memory leak on SSL connection failure (upstream commit a40f58d)
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 7.21.3-3 * Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 7.21.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild