Mercurial > hg > nginx
changeset 7484:65074e13f171
SSL: missing free calls in $ssl_client_s_dn and $ssl_client_i_dn.
If X509_get_issuer_name() or X509_get_subject_name() returned NULL,
this could lead to a certificate reference leak. It cannot happen
in practice though, since each function returns an internal pointer
to a mandatory subfield of the certificate successfully decoded by
d2i_X509() during certificate message processing (closes #1751).
author | Nikolay Morozov <n.morozov@securitycode.ru> |
---|---|
date | Tue, 26 Mar 2019 09:33:57 +0300 |
parents | 1144c122e370 |
children | edf5cd6c56fa |
files | src/event/ngx_event_openssl.c |
diffstat | 1 files changed, 2 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c @@ -4622,6 +4622,7 @@ ngx_ssl_get_subject_dn(ngx_connection_t name = X509_get_subject_name(cert); if (name == NULL) { + X509_free(cert); return NGX_ERROR; } @@ -4673,6 +4674,7 @@ ngx_ssl_get_issuer_dn(ngx_connection_t * name = X509_get_issuer_name(cert); if (name == NULL) { + X509_free(cert); return NGX_ERROR; }