diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2016-08-03 21:27:00 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2016-08-16 14:22:07 +0900 |
commit | fab8c3030e5dbcaf20bb50341f71213eab85a1ae (patch) | |
tree | 63755504715853bdb9610ed459b4873fd7a6509c /ext/openssl/ossl_x509ext.c | |
parent | cb115ecc8e26e477ef27279094882480babc1fa7 (diff) | |
download | ruby-openssl-fab8c3030e5dbcaf20bb50341f71213eab85a1ae.tar.gz |
x509ext: fix memory leak in X509::Extension#value=
X509_EXTENSION_set_data() dups the ASN1_OCTET_STRING, so we must free
the temporary ASN1_OCTET_STRING object. However we can retrieve the
current ASN1_OCTET_STRING object by X509_EXTENSION_get_data() and modify
it directly.
Diffstat (limited to 'ext/openssl/ossl_x509ext.c')
-rw-r--r-- | ext/openssl/ossl_x509ext.c | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/ext/openssl/ossl_x509ext.c b/ext/openssl/ossl_x509ext.c index c2bec94f..60a63b2e 100644 --- a/ext/openssl/ossl_x509ext.c +++ b/ext/openssl/ossl_x509ext.c @@ -353,17 +353,15 @@ ossl_x509ext_set_value(VALUE self, VALUE data) X509_EXTENSION *ext; ASN1_OCTET_STRING *asn1s; + GetX509Ext(self, ext); data = ossl_to_der_if_possible(data); StringValue(data); - if(!(asn1s = ASN1_OCTET_STRING_new())){ - ossl_raise(eX509ExtError, NULL); - } - if(!ASN1_STRING_set((ASN1_STRING *)asn1s, (unsigned char *)RSTRING_PTR(data), RSTRING_LENINT(data))){ - ASN1_OCTET_STRING_free(asn1s); - ossl_raise(eX509ExtError, NULL); + asn1s = X509_EXTENSION_get_data(ext); + + if (!ASN1_OCTET_STRING_set(asn1s, (unsigned char *)RSTRING_PTR(data), + RSTRING_LENINT(data))) { + ossl_raise(eX509ExtError, "ASN1_OCTET_STRING_set"); } - GetX509Ext(self, ext); - X509_EXTENSION_set_data(ext, asn1s); return data; } |