Fix memory leak in TLS matches_san_list

author Niklas Keller <me@kelunik.com>

Fri, 3 Aug 2018 19:00:14 +0000 (21:00 +0200)

committer Nikita Popov <nikita.ppv@gmail.com>

Fri, 21 Jun 2019 10:54:30 +0000 (12:54 +0200)
author Niklas Keller <me@kelunik.com>
Fri, 3 Aug 2018 19:00:14 +0000 (21:00 +0200)
committer Nikita Popov <nikita.ppv@gmail.com>
Fri, 21 Jun 2019 10:54:30 +0000 (12:54 +0200)
diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c

index 56e53487319c562710e5ba6312f748614ec324d7..a423da6e741dc88d3558486a4d8d91bc956835e6 100644 (file)
--- a/ext/openssl/xp_ssl.c
+++ b/ext/openssl/xp_ssl.c
@@ -426,6 +426,8 @@ static zend_bool php_openssl_matches_san_list(X509 *peer, const char *subject_na
  
                         if (php_openssl_matches_wildcard_name(subject_name, (const char *)cert_name)) {
                                 OPENSSL_free(cert_name);
+                               sk_GENERAL_NAME_pop_free(alt_names, GENERAL_NAME_free);
+
                                 return 1;
                         }
                         OPENSSL_free(cert_name);
@@ -438,6 +440,8 @@ static zend_bool php_openssl_matches_san_list(X509 *peer, const char *subject_na
                                         san->d.iPAddress->data[3]
                                 );
                                 if (strcasecmp(subject_name, (const char*)ipbuffer) == 0) {
+                                       sk_GENERAL_NAME_pop_free(alt_names, GENERAL_NAME_free);
+
                                         return 1;
                                 }
                         }
@@ -448,6 +452,8 @@ static zend_bool php_openssl_matches_san_list(X509 *peer, const char *subject_na
                 }
         }
  
+       sk_GENERAL_NAME_pop_free(alt_names, GENERAL_NAME_free);
+
         return 0;
  }
  /* }}} */
author	Niklas Keller <me@kelunik.com>
	Fri, 3 Aug 2018 19:00:14 +0000 (21:00 +0200)
committer	Nikita Popov <nikita.ppv@gmail.com>
	Fri, 21 Jun 2019 10:54:30 +0000 (12:54 +0200)