Fix memory leak in _X509_REVOKED_dup

The call to X509_REVOKED_new() will create two empty ASN1 structures that were never freed, but simply replaced by a copy. When doing multiple calls to CRL.get_revoked() on a big CRL, this results in a huge memory leak. This change adds two calls to free those empty ASN1 structures before replacing them with the copy. This change requires https://github.com/pyca/cryptography/pull/830 in order to work.
author: Jonathan Giannuzzi <jonathan@giannuzzi.be> 2014-03-20 15:54:29 +0100
committer: Jonathan Giannuzzi <jonathan@giannuzzi.be> 2014-03-30 21:56:40 +0200
commit: b5b9322b960ce43b3fced797db995042c74c245d (patch)
tree: a9c772599c1d6f6bacba3dc1a8a87ad5ec0b95fb /OpenSSL
parent: f31707592c248784b2605affa06303a2cb6eb694 (diff)
download: pyopenssl-b5b9322b960ce43b3fced797db995042c74c245d.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/OpenSSL/crypto.py b/OpenSSL/crypto.py
index ed0b629..65e28d7 100644
--- a/OpenSSL/crypto.py
+++ b/OpenSSL/crypto.py
@@ -1323,9 +1323,11 @@ def _X509_REVOKED_dup(original):
         _raise_current_error()
 
     if original.serialNumber != _ffi.NULL:
+        _lib.ASN1_INTEGER_free(copy.serialNumber)
         copy.serialNumber = _lib.ASN1_INTEGER_dup(original.serialNumber)
 
     if original.revocationDate != _ffi.NULL:
+        _lib.ASN1_TIME_free(copy.revocationDate)
         copy.revocationDate = _lib.M_ASN1_TIME_dup(original.revocationDate)
 
     if original.extensions != _ffi.NULL:
author	Jonathan Giannuzzi <jonathan@giannuzzi.be>	2014-03-20 15:54:29 +0100
committer	Jonathan Giannuzzi <jonathan@giannuzzi.be>	2014-03-30 21:56:40 +0200
commit	b5b9322b960ce43b3fced797db995042c74c245d (patch)
tree	a9c772599c1d6f6bacba3dc1a8a87ad5ec0b95fb /OpenSSL
parent	f31707592c248784b2605affa06303a2cb6eb694 (diff)
download	pyopenssl-b5b9322b960ce43b3fced797db995042c74c245d.tar.gz