1berry/ruby
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[ruby/openssl] ssl: fix potential memory leak in SSLContext#setup

Browse Source 
If SSL_CTX_add_extra_chain_cert() fails, the refcount of x509 must be
handled by the caller. This should only occur due to a malloc failure
inside the function.

https://github.com/ruby/openssl/commit/80bcf727dc
This commit is contained in:
Kazuki Yamaguchi 2025-04-20 16:22:01 +09:00 committed by git
parent b43c7cf8c4
commit 06a56a7ffc
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ext/openssl/ossl_ssl.c
View File

@ -431,7 +431,8 @@ ossl_sslctx_add_extra_chain_cert_i(RB_BLOCK_CALL_FUNC_ARGLIST(i, arg))
GetSSLCTX(arg, ctx); GetSSLCTX(arg, ctx);
x509 = DupX509CertPtr(i); x509 = DupX509CertPtr(i);
if (!SSL_CTX_add_extra_chain_cert(ctx, x509)) { if (!SSL_CTX_add_extra_chain_cert(ctx, x509)) {
ossl_raise(eSSLError, NULL); X509_free(x509);
ossl_raise(eSSLError, "SSL_CTX_add_extra_chain_cert");
} }
return i; return i;