]> git.ipfire.org Git - thirdparty/dovecot/core.git/commitdiff
projects / thirdparty / dovecot / core.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2e7a81e)
lib-ssl-iostream: Memory leak fixes
authorTimo Sirainen <tss@iki.fi>
Fri, 22 Jun 2012 15:51:42 +0000 (18:51 +0300)
committerTimo Sirainen <tss@iki.fi>
Fri, 22 Jun 2012 15:51:42 +0000 (18:51 +0300)
src/lib-ssl-iostream/iostream-openssl.c patch | blob | blame | history
src/lib-ssl-iostream/istream-openssl.c patch | blob | blame | history
src/lib-ssl-iostream/ostream-openssl.c patch | blob | blame | history

diff --git a/src/lib-ssl-iostream/iostream-openssl.c b/src/lib-ssl-iostream/iostream-openssl.c
index 8cee2c86f2c4e6f1ff51bb98666246e2a49ce998..6fc5ce906b4df72f8db660f48cbaa11b4f8680b6 100644 (file)
--- a/src/lib-ssl-iostream/iostream-openssl.c
+++ b/src/lib-ssl-iostream/iostream-openssl.c
@@ -246,7 +246,7 @@ void ssl_iostream_unref(struct ssl_iostream **_ssl_io)
        *_ssl_io = NULL;
 
        i_assert(ssl_io->refcount > 0);
-       if (--ssl_io->refcount >= 0)
+       if (--ssl_io->refcount > 0)
                return;
 
        ssl_iostream_free(ssl_io);
@@ -503,6 +503,7 @@ int openssl_cert_match_name(SSL *ssl, const char *verify_name)
        const char *dnsname;
        bool dns_names = FALSE;
        unsigned int i, count;
+       int ret;
 
        cert = SSL_get_peer_certificate(ssl);
        i_assert(cert != NULL);
@@ -520,14 +521,15 @@ int openssl_cert_match_name(SSL *ssl, const char *verify_name)
                }
        }
        sk_GENERAL_NAME_pop_free(gnames, GENERAL_NAME_free);
-       X509_free(cert);
 
        /* verify against CommonName only when there wasn't any DNS
           SubjectAltNames */
        if (dns_names)
-               return i < count ? 0 : -1;
-
-       return strcmp(get_cname(cert), verify_name) == 0 ? 0 : -1;
+               ret = i < count ? 0 : -1;
+       else
+               ret = strcmp(get_cname(cert), verify_name) == 0 ? 0 : -1;
+       X509_free(cert);
+       return ret;
 }
 
 int ssl_iostream_cert_match_name(struct ssl_iostream *ssl_io,
diff --git a/src/lib-ssl-iostream/istream-openssl.c b/src/lib-ssl-iostream/istream-openssl.c
index 6619a2c528ddfce558094a585d28dc9fa4158a90..93bed3c6590b23b10630e812af2de46d0fccab0d 100644 (file)
--- a/src/lib-ssl-iostream/istream-openssl.c
+++ b/src/lib-ssl-iostream/istream-openssl.c
@@ -21,6 +21,7 @@ static void i_stream_ssl_destroy(struct iostream_private *stream)
 {
        struct ssl_istream *sstream = (struct ssl_istream *)stream;
 
+       i_free(sstream->istream.w_buffer);
        ssl_iostream_unref(&sstream->ssl_io);
 }
 
diff --git a/src/lib-ssl-iostream/ostream-openssl.c b/src/lib-ssl-iostream/ostream-openssl.c
index ee2e263e0ecfe493dcce71439ccb797086edd3dd..536e65ed879b3e6571e295518f48aac8082ecdcb 100644 (file)
--- a/src/lib-ssl-iostream/ostream-openssl.c
+++ b/src/lib-ssl-iostream/ostream-openssl.c
@@ -24,7 +24,8 @@ static void o_stream_ssl_destroy(struct iostream_private *stream)
 
        sstream->ssl_io->ssl_output = NULL;
        ssl_iostream_unref(&sstream->ssl_io);
-       i_free(sstream->buffer);
+       if (sstream->buffer != NULL)
+               buffer_free(&sstream->buffer);
 }
 
 static size_t
Mirror of https://github.com/dovecot/core.git