Bug 3817: Memory leak in SSL cert validate for alt_name peer certs
authorChristos Tsantilas <chtsanti@users.sourceforge.net>
Wed, 17 Apr 2013 08:14:56 +0000 (11:14 +0300)
committerChristos Tsantilas <chtsanti@users.sourceforge.net>
Wed, 17 Apr 2013 08:14:56 +0000 (11:14 +0300)
Inside the function Ssl::matchX509CommonNames, which checks a domain name against
the certificate common name and alternate names, if the domain matches any of the
alternate names the function returns without releasing allocated data.

src/ssl/support.cc

index c738c2fb425be618e2587672739025841d73510f..c701bd6bda2b02b5f3da53db3d5c501096cbbbed 100644 (file)
@@ -191,8 +191,10 @@ int Ssl::matchX509CommonNames(X509 *peer_cert, void *check_data, int (*check_fun
             }
             ASN1_STRING *cn_data = check->d.dNSName;
 
-            if ( (*check_func)(check_data, cn_data) == 0)
+            if ( (*check_func)(check_data, cn_data) == 0) {
+                sk_GENERAL_NAME_pop_free(altnames, GENERAL_NAME_free);
                 return 1;
+            }
         }
         sk_GENERAL_NAME_pop_free(altnames, GENERAL_NAME_free);
     }
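Review bot: The release of `altnames` is now written twice, once inside the match branch and once after the closing brace of what appears to be the loop over the alternate names, so any early exit added later between those two points would reintroduce the leak this commit fixes. A single exit path would be sturdier: record the result and leave the loop with `matched = true; break;` in the branch, then `if (matched) return 1;` directly after the existing `sk_GENERAL_NAME_pop_free(altnames, GENERAL_NAME_free);`. The function body starts and ends outside the hunk, so the loop header and a suitable place to declare the flag are not visible here. Separately, `cn_data` is passed to `check_func` as a raw `ASN1_STRING`, and whether the callback compares by length rather than treating the data as a NUL-terminated string cannot be seen from this hunk, so that is worth confirming for hostname matching.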