plug leak in ssl_init_FindCAList() where return value of

X509_NAME_oneline() used for trace logging was not freed.
now passes in a static buffer so no buffer is malloced.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@93633 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
index c72625463323d36ac61da40bc29446ca66a03f2b..4107a891e6310bbb0cab37051b27bc6d3d7bf905 100644 (file)
--- a/modules/ssl/ssl_engine_init.c
+++ b/modules/ssl/ssl_engine_init.c
@@ -856,11 +856,12 @@ static void ssl_init_PushCAList(STACK_OF(X509_NAME) *skCAList,
     sk = (STACK_OF(X509_NAME) *)SSL_load_client_CA_file(file);
 
     for (n = 0; sk != NULL && n < sk_X509_NAME_num(sk); n++) {
+        char name_buf[256];
         X509_NAME *name = sk_X509_NAME_value(sk, n);
 
         ssl_log(s, SSL_LOG_TRACE,
                 "CA certificate: %s",
-                X509_NAME_oneline(name, NULL, 0));
+                X509_NAME_oneline(name, name_buf, sizeof(name_buf)));
 
         if (sk_X509_NAME_find(skCAList, name) < 0) {
             /* this will be freed when skCAList is */