]> granicus.if.org Git - mutt/commitdiff
projects / mutt / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: fb869a5)
Fix potential cert memory leak in check_certificate_by_digest().
authorKevin McCarthy <kevin@8t8.us>
Sun, 12 Feb 2017 20:24:51 +0000 (12:24 -0800)
committerKevin McCarthy <kevin@8t8.us>
Sun, 12 Feb 2017 20:24:51 +0000 (12:24 -0800)
Thanks to Matthias Andree's debugging, it appears the cert is not
freed when PEM_read_X509() encounters EOF.  Change the return value
check to not overwrite cert.  It is already updated via the second
parameter.

mutt_ssl.c patch | blob | history

diff --git a/mutt_ssl.c b/mutt_ssl.c
index c63cda5d9a0cfd67948cc40a6a7728f4b20e5da2..a1fa1a3a5e038b29a8c8f30a76ffd4e07f4f0798 100644 (file)
--- a/mutt_ssl.c
+++ b/mutt_ssl.c
@@ -763,7 +763,7 @@ static int check_certificate_by_digest (X509 *peercert)
     return 0;
   }
 
-  while ((cert = PEM_read_X509 (fp, &cert, NULL, NULL)) != NULL)
+  while (PEM_read_X509 (fp, &cert, NULL, NULL) != NULL)
   {
     pass = compare_certificates (cert, peercert, peermd, peermdlen) ? 0 : 1;
 
Unnamed repository; edit this file 'description' to name the repository.