From 59ddb749383034bb706432b7c379e2fdd01f9171 Mon Sep 17 00:00:00 2001 From: Pierre Joye Date: Fri, 26 May 2006 00:32:07 +0000 Subject: [PATCH] - fix leaks in openssl context options --- NEWS | 1 + ext/openssl/xp_ssl.c | 7 ++++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/NEWS b/NEWS index a8460b9ba5..4fc2652a44 100644 --- a/NEWS +++ b/NEWS @@ -44,6 +44,7 @@ PHP NEWS - Added pg_field_table() function. (Edin) - Added implementation of curl_multi_info_read(). (Brian) - Added RFC2397 (data: stream) support. (Marcus) +- Fixed memory leaks in openssl streams context options (Pierre) - Fixed handling of extremely long paths inside tempnam() function. (Ilia) - Fixed bug #37587 (var without attribute causes segfault). (Marcus) - Fixed bug #37569 (WDDX incorrectly encodes high-ascii characters). (Ilia) diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c index 4a5e302a41..504ae8bd4d 100644 --- a/ext/openssl/xp_ssl.c +++ b/ext/openssl/xp_ssl.c @@ -432,6 +432,7 @@ static inline int php_openssl_enable_crypto(php_stream *stream, "ssl", "peer_certificate", zcert); peer_cert = NULL; + efree(zcert); } if (SUCCESS == php_stream_context_get_option( @@ -445,7 +446,7 @@ static inline int php_openssl_enable_crypto(php_stream *stream, chain = SSL_get_peer_cert_chain( sslsock->ssl_handle); - if (chain) { + if (chain && sk_X509_num(chain) > 0) { int i; array_init(arr); @@ -458,6 +459,8 @@ static inline int php_openssl_enable_crypto(php_stream *stream, php_openssl_get_x509_list_id())); add_next_index_zval(arr, zcert); } + efree(zcert); + } else { ZVAL_NULL(arr); } @@ -465,6 +468,8 @@ static inline int php_openssl_enable_crypto(php_stream *stream, php_stream_context_set_option(stream->context, "ssl", "peer_certificate_chain", arr); + zval_dtor(arr); + efree(arr); } } } -- 2.40.0