Fixed memory leak in php_stream_context_set_option()

4 files changed, 10 insertions, 3 deletions

diff --git a/ext/mysqlnd/mysqlnd_net.c b/ext/mysqlnd/mysqlnd_net.c
index c0a913bab6..ccac6ad1fc 100644
--- a/ext/mysqlnd/mysqlnd_net.c
+++ b/ext/mysqlnd/mysqlnd_net.c
@@ -924,6 +924,7 @@ MYSQLND_METHOD(mysqlnd_net, enable_ssl)(MYSQLND_NET * const net)
 		zval key_zval;
 		ZVAL_STRING(&key_zval, net->data->options.ssl_key);
 		php_stream_context_set_option(context, "ssl", "local_pk", &key_zval);
+		zval_ptr_dtor(&key_zval);
 		any_flag = TRUE;
 	}
 	if (net->data->options.ssl_cert) {
@@ -933,6 +934,7 @@ MYSQLND_METHOD(mysqlnd_net, enable_ssl)(MYSQLND_NET * const net)
 		if (!net->data->options.ssl_key) {
 			php_stream_context_set_option(context, "ssl", "local_pk", &cert_zval);
 		}
+		zval_ptr_dtor(&cert_zval);
 		any_flag = TRUE;
 	}
 	if (net->data->options.ssl_ca) {
@@ -945,18 +947,21 @@ MYSQLND_METHOD(mysqlnd_net, enable_ssl)(MYSQLND_NET * const net)
 		zval capath_zval;
 		ZVAL_STRING(&capath_zval, net->data->options.ssl_capath);
 		php_stream_context_set_option(context, "ssl", "capath", &capath_zval);
+		zval_ptr_dtor(&capath_zval);
 		any_flag = TRUE;
 	}
 	if (net->data->options.ssl_passphrase) {
 		zval passphrase_zval;
 		ZVAL_STRING(&passphrase_zval, net->data->options.ssl_passphrase);
 		php_stream_context_set_option(context, "ssl", "passphrase", &passphrase_zval);
+		zval_ptr_dtor(&passphrase_zval);
 		any_flag = TRUE;
 	}
 	if (net->data->options.ssl_cipher) {
 		zval cipher_zval;
 		ZVAL_STRING(&cipher_zval, net->data->options.ssl_cipher);
 		php_stream_context_set_option(context, "ssl", "ciphers", &cipher_zval);
+		zval_ptr_dtor(&cipher_zval);
 		any_flag = TRUE;
 	}
 	{
diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c
index d05a925d07..e727146026 100644
--- a/ext/openssl/xp_ssl.c
+++ b/ext/openssl/xp_ssl.c
@@ -1728,6 +1728,7 @@ static int capture_peer_certs(php_stream *stream, php_openssl_netstream_data_t *
 	) {
 		ZVAL_RES(&zcert, zend_register_resource(peer_cert, php_openssl_get_x509_list_id()));
 		php_stream_context_set_option(PHP_STREAM_CONTEXT(stream), "ssl", "peer_certificate", &zcert);
+		zval_ptr_dtor(&zcert);
 		cert_captured = 1;
 	}
 
@@ -1755,7 +1756,7 @@ static int capture_peer_certs(php_stream *stream, php_openssl_netstream_data_t *
 		}
 
 		php_stream_context_set_option(PHP_STREAM_CONTEXT(stream), "ssl", "peer_certificate_chain", &arr);
-		zval_dtor(&arr);
+		zval_ptr_dtor(&arr);
 	}
 
 	return cert_captured;
@@ -1874,7 +1875,7 @@ static int php_openssl_enable_crypto(php_stream *stream,
 						zval meta_arr;
 						ZVAL_ARR(&meta_arr, capture_session_meta(sslsock->ssl_handle));
 						php_stream_context_set_option(PHP_STREAM_CONTEXT(stream), "ssl", "session_meta", &meta_arr);
-						zval_dtor(&meta_arr);
+						zval_ptr_dtor(&meta_arr);
 					}
 				}
 			}
diff --git a/ext/soap/php_sdl.c b/ext/soap/php_sdl.c
index 14d690f533..84166780a6 100644
--- a/ext/soap/php_sdl.c
+++ b/ext/soap/php_sdl.c
@@ -296,7 +296,7 @@ void sdl_set_uri_credentials(sdlCtx *ctx, char *uri)
 						memcpy(Z_STRVAL(new_header) + (s - Z_STRVAL_P(header)), rest, Z_STRLEN_P(header) - (rest - Z_STRVAL_P(header)) + 1);
 						ZVAL_COPY(&ctx->old_header, header);
 						php_stream_context_set_option(ctx->context, "http", "header", &new_header);
-						zval_dtor(&new_header);
+						zval_ptr_dtor(&new_header);
 					}
 				}
 			}
diff --git a/ext/standard/http_fopen_wrapper.c b/ext/standard/http_fopen_wrapper.c
index 7a0ec919bb..4be8213f02 100644
--- a/ext/standard/http_fopen_wrapper.c
+++ b/ext/standard/http_fopen_wrapper.c
@@ -243,6 +243,7 @@ php_stream *php_stream_url_wrap_http_ex(php_stream_wrapper *wrapper,
 		if (!context || (tmpzval = php_stream_context_get_option(context, "ssl", "peer_name")) == NULL) {
 			ZVAL_STRING(&ssl_proxy_peer_name, resource->host);
 			php_stream_context_set_option(PHP_STREAM_CONTEXT(stream), "ssl", "peer_name", &ssl_proxy_peer_name);
+			zval_ptr_dtor(&ssl_proxy_peer_name);
 		}
 
 		smart_str_appendl(&header, "CONNECT ", sizeof("CONNECT ")-1);