diff options
author | Edward Thomson <ethomson@edwardthomson.com> | 2020-05-23 11:02:07 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-05-23 11:02:07 +0100 |
commit | 27cb4e0ec193aa5430d1a32fd90b5dc2d86f5fe1 (patch) | |
tree | 519747d9c6be5a76b6d88c144939ec5d774d5c8f | |
parent | e4bdba5647d30a1cb0f5952bb857301e453a1ab1 (diff) | |
parent | b43a9e6657120fdfb3d01e603aac4c006de98477 (diff) | |
download | libgit2-27cb4e0ec193aa5430d1a32fd90b5dc2d86f5fe1.tar.gz |
Merge pull request #5522 from pks-t/pks/openssl-cert-memleak
OpenSSL certificate memory leak
-rw-r--r-- | src/streams/openssl.c | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/src/streams/openssl.c b/src/streams/openssl.c index 5b66352ca..6a490d17d 100644 --- a/src/streams/openssl.c +++ b/src/streams/openssl.c @@ -655,15 +655,16 @@ static int openssl_connect(git_stream *stream) static int openssl_certificate(git_cert **out, git_stream *stream) { openssl_stream *st = (openssl_stream *) stream; - int len; X509 *cert = SSL_get_peer_certificate(st->ssl); - unsigned char *guard, *encoded_cert; + unsigned char *guard, *encoded_cert = NULL; + int error, len; /* Retrieve the length of the certificate first */ len = i2d_X509(cert, NULL); if (len < 0) { git_error_set(GIT_ERROR_NET, "failed to retrieve certificate information"); - return -1; + error = -1; + goto out; } encoded_cert = git__malloc(len); @@ -673,18 +674,23 @@ static int openssl_certificate(git_cert **out, git_stream *stream) len = i2d_X509(cert, &guard); if (len < 0) { - git__free(encoded_cert); git_error_set(GIT_ERROR_NET, "failed to retrieve certificate information"); - return -1; + error = -1; + goto out; } st->cert_info.parent.cert_type = GIT_CERT_X509; st->cert_info.data = encoded_cert; st->cert_info.len = len; + encoded_cert = NULL; *out = &st->cert_info.parent; + error = 0; - return 0; +out: + git__free(encoded_cert); + X509_free(cert); + return error; } static int openssl_set_proxy(git_stream *stream, const git_proxy_options *proxy_opts) |