diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2016-08-09 21:29:10 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2016-08-16 14:22:08 +0900 |
commit | 1e30cd395b14ef46e04bdd9ab72f10067890b265 (patch) | |
tree | c6d1debc552824be0e9772aaea058e8399b71cd0 /ext/openssl/ossl_ocsp.c | |
parent | 4fba87a19472475c3be6856d4904005d86757e00 (diff) | |
download | ruby-openssl-1e30cd395b14ef46e04bdd9ab72f10067890b265.tar.gz |
ocsp: fix memory leak in Response#add_cerid on error path
OCSP_CERTID can leak in case OCSP_request_add0_id() fails.
Diffstat (limited to 'ext/openssl/ossl_ocsp.c')
-rw-r--r-- | ext/openssl/ossl_ocsp.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/ext/openssl/ossl_ocsp.c b/ext/openssl/ossl_ocsp.c index 96399c42..6d84edf6 100644 --- a/ext/openssl/ossl_ocsp.c +++ b/ext/openssl/ossl_ocsp.c @@ -321,12 +321,17 @@ static VALUE ossl_ocspreq_add_certid(VALUE self, VALUE certid) { OCSP_REQUEST *req; - OCSP_CERTID *id; + OCSP_CERTID *id, *id_new; GetOCSPReq(self, req); GetOCSPCertId(certid, id); - if(!OCSP_request_add0_id(req, OCSP_CERTID_dup(id))) - ossl_raise(eOCSPError, NULL); + + if (!(id_new = OCSP_CERTID_dup(id))) + ossl_raise(eOCSPError, "OCSP_CERTID_dup"); + if (!OCSP_request_add0_id(req, id_new)) { + OCSP_CERTID_free(id_new); + ossl_raise(eOCSPError, "OCSP_request_add0_id"); + } return self; } |