git.ipfire.org Git - thirdparty/squid.git/commit - src/ssl/PeekingPeerConnector.cc

Cert Validation memory leaks

In the case SSL errors detected by certificate validator helper the objects
stored in Ssl::ServerBump::sslErrors member and will never released.
This member normally points to an Ssl::CertErrors list attached to the related
SSL object which is responsible to release this list.
When the cert validator detects errors a new errors list created and attached
to the related Ssl::ServerBump::sslErrors member but the SSL objects still
hold the old one. The old list released but not the new one.

This patch also fixes the case the cbdata protected Ssl::CertErrors list,
still is used through the related Ssl::ServerBump object but it is not valid
any more, because the SSL object which hold it gone.

This patch instead of storing the Ssl::CertErrors list to Ssl::ServerBump
object stores the SSL object and increases its reference to avoid be released

This is a Measurement Factory project

author	Christos Tsantilas <chtsanti@users.sourceforge.net>
	Sat, 13 Feb 2016 07:51:20 +0000 (09:51 +0200)
committer	Christos Tsantilas <chtsanti@users.sourceforge.net>
	Sat, 13 Feb 2016 07:51:20 +0000 (09:51 +0200)
commit	088f0761d7e31cdb6e1c15fbc328e7790468d05e
tree	d68f7f952f0377f00eebee2f5431e0e6c28919ad	tree \| snapshot
parent	4e6462875a9159b3a71f39914602593bbd466168	commit \| diff

src/acl/FilledChecklist.h		diff \| blob \| blame \| history
src/client_side.cc		diff \| blob \| blame \| history
src/format/Format.cc		diff \| blob \| blame \| history
src/security/Session.h		diff \| blob \| blame \| history
src/ssl/PeekingPeerConnector.cc		diff \| blob \| blame \| history
src/ssl/PeerConnector.cc		diff \| blob \| blame \| history
src/ssl/PeerConnector.h		diff \| blob \| blame \| history
src/ssl/ServerBump.cc		diff \| blob \| blame \| history
src/ssl/ServerBump.h		diff \| blob \| blame \| history