From fab8c3030e5dbcaf20bb50341f71213eab85a1ae Mon Sep 17 00:00:00 2001 From: Kazuki Yamaguchi Date: Wed, 3 Aug 2016 21:27:00 +0900 Subject: x509ext: fix memory leak in X509::Extension#value= X509_EXTENSION_set_data() dups the ASN1_OCTET_STRING, so we must free the temporary ASN1_OCTET_STRING object. However we can retrieve the current ASN1_OCTET_STRING object by X509_EXTENSION_get_data() and modify it directly. --- ext/openssl/ossl_x509ext.c | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) (limited to 'ext/openssl/ossl_x509ext.c') diff --git a/ext/openssl/ossl_x509ext.c b/ext/openssl/ossl_x509ext.c index c2bec94f..60a63b2e 100644 --- a/ext/openssl/ossl_x509ext.c +++ b/ext/openssl/ossl_x509ext.c @@ -353,17 +353,15 @@ ossl_x509ext_set_value(VALUE self, VALUE data) X509_EXTENSION *ext; ASN1_OCTET_STRING *asn1s; + GetX509Ext(self, ext); data = ossl_to_der_if_possible(data); StringValue(data); - if(!(asn1s = ASN1_OCTET_STRING_new())){ - ossl_raise(eX509ExtError, NULL); - } - if(!ASN1_STRING_set((ASN1_STRING *)asn1s, (unsigned char *)RSTRING_PTR(data), RSTRING_LENINT(data))){ - ASN1_OCTET_STRING_free(asn1s); - ossl_raise(eX509ExtError, NULL); + asn1s = X509_EXTENSION_get_data(ext); + + if (!ASN1_OCTET_STRING_set(asn1s, (unsigned char *)RSTRING_PTR(data), + RSTRING_LENINT(data))) { + ossl_raise(eX509ExtError, "ASN1_OCTET_STRING_set"); } - GetX509Ext(self, ext); - X509_EXTENSION_set_data(ext, asn1s); return data; } -- cgit v1.2.3