jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

OpenSSL: Fix memory leak in subjectAltName parsing

Browse source 
The parsed data from X509_get_ext_d2i() needs to be freed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2016-02-16 00:34:42 +02:00 committed by Jouni Malinen
parent e60913b600
commit 0f09637001
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
src/crypto/tls_openssl.c
View file

@ -1420,6 +1420,8 @@ static int tls_match_altsubject_component(X509 *cert, int type,
found++;
}
sk_GENERAL_NAME_pop_free(ext, GENERAL_NAME_free);
return found;
}
@ -1532,9 +1534,11 @@ static int tls_match_suffix(X509 *cert, const char *match, int full)
1) {
wpa_printf(MSG_DEBUG, "TLS: %s in dNSName found",
full ? "Match" : "Suffix match");
sk_GENERAL_NAME_pop_free(ext, GENERAL_NAME_free);
return 1;
}
}
sk_GENERAL_NAME_pop_free(ext, GENERAL_NAME_free);
if (dns_name) {
wpa_printf(MSG_DEBUG, "TLS: None of the dNSName(s) matched");
@ -1731,6 +1735,7 @@ static void openssl_tls_cert_event(struct tls_connection *conn,
pos += gen->d.ia5->length;
*pos = '\0';
}
sk_GENERAL_NAME_pop_free(ext, GENERAL_NAME_free);
for (alt = 0; alt < num_altsubject; alt++)
ev.peer_cert.altsubject[alt] = altsubject[alt];