From: Matthias Andree <matthias.andree@gmx.de>
Date: Sun, 12 Feb 2017 17:59:48 +0000 (-0800)
Subject: Plug memory leak in weed-expired-certs code.
X-Git-Tag: neomutt-20170225~2^2~18
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=7957200cf2c85ceed6d89a2e334a323016efcc22;p=neomutt

Plug memory leak in weed-expired-certs code.

X509_STORE_add_cert() creates a copy of the certificate we're offering,
so we need to free our copy afterwards.  This isn't documented, but from
observed behaviour in OpenSSL 1.0.2 and its master branch source code.

Change PEM_read_X509() call to reuse cert to avoid free/reallocation
overhead.
---

diff --git a/mutt_ssl.c b/mutt_ssl.c
index 17ba746ca..c63cda5d9 100644
--- a/mutt_ssl.c
+++ b/mutt_ssl.c
@@ -95,7 +95,7 @@ static int ssl_negotiate (CONNECTION *conn, sslsockdata*);
 static int ssl_load_certificates (SSL_CTX *ctx)
 {
   FILE *fp;
-  X509 *cert;
+  X509 *cert = NULL;
   X509_STORE *store;
   char buf[STRING];
 
@@ -110,18 +110,20 @@ static int ssl_load_certificates (SSL_CTX *ctx)
   if ((fp = fopen (SslCertFile, "rt")) == NULL)
     return 0;
 
-  while ((cert = PEM_read_X509 (fp, NULL, NULL, NULL)) != NULL)
+  while (NULL != PEM_read_X509 (fp, &cert, NULL, NULL))
   {
     if ((X509_cmp_current_time (X509_get_notBefore (cert)) >= 0) ||
         (X509_cmp_current_time (X509_get_notAfter (cert)) <= 0))
     {
       dprint (2, (debugfile, "ssl_load_certificates: filtering expired cert: %s\n",
               X509_NAME_oneline (X509_get_subject_name (cert), buf, sizeof (buf))));
-      X509_free (cert);
     }
     else
+    {
       X509_STORE_add_cert (store, cert);
+    }
   }
+  X509_free (cert);
   safe_fclose (&fp);
 
   return 1;