c90fe38088
Resolves: #717730
29 lines
1.1 KiB
Diff
29 lines
1.1 KiB
Diff
memleak in tlsm_auth_cert_handler
|
|
|
|
In tlsm_auth_cert_handler, we get the peer's cert from the socket using
|
|
SSL_PeerCertificate. This value is allocated and/or cached. We must
|
|
destroy it using CERT_DestroyCertificate.
|
|
|
|
Author: Rich Megginson <rmeggins@redhat.com>
|
|
Upstream ITS: #6980
|
|
Upstream commit: d944920
|
|
Resolves: #717730
|
|
|
|
diff -uNPrp openldap-2.4.23/libraries/libldap/tls_m.c openldap-2.4.23.fix/libraries/libldap/tls_m.c
|
|
--- openldap-2.4.23/libraries/libldap/tls_m.c 2011-07-18 15:54:03.719226863 +0200
|
|
+++ openldap-2.4.23.fix/libraries/libldap/tls_m.c 2011-07-18 16:02:59.284531374 +0200
|
|
@@ -1034,10 +1034,12 @@ tlsm_auth_cert_handler(void *arg, PRFile
|
|
{
|
|
SECCertificateUsage certUsage = isServer ? certificateUsageSSLClient : certificateUsageSSLServer;
|
|
SECStatus ret = SECSuccess;
|
|
+ CERTCertificate *peercert = SSL_PeerCertificate( fd );
|
|
|
|
- ret = tlsm_verify_cert( (CERTCertDBHandle *)arg, SSL_PeerCertificate( fd ),
|
|
+ ret = tlsm_verify_cert( (CERTCertDBHandle *)arg, peercert,
|
|
SSL_RevealPinArg( fd ),
|
|
checksig, certUsage, 0 );
|
|
+ CERT_DestroyCertificate( peercert );
|
|
|
|
return ret;
|
|
}
|