Andre Guibert de Bruet fixed a memory leak when PKCS #12 parsing failed

diff --git a/CHANGES b/CHANGES
index 00d8543a6d30302eb7f978424d4722083d9d11d9..258ab845d5961d2d41905158e6794e0378e91087 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -9,7 +9,7 @@ Daniel S (22 May 2007)
 - Andre Guibert de Bruet fixed a memory leak in the function that verifies the
   peer's name in the SSL certificate when built for OpenSSL. The leak happens
   for libcurls with CURL_DOES_CONVERSIONS enabled that fail to convert the CN
-  name from UTF8.
+  name from UTF8. He also fixed a leak when PKCS #12 parsing failed.
 
 Daniel S (18 May 2007)
 - Feng Tu reported that curl -w did wrong on TFTP transfers in bug report

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 9c18d9fdfa57bcb153f1845e3ef529d1e1c49a41..4aba1bc69011442821ba009dfe2ef9d53b324e04 100644 (file)
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -46,6 +46,7 @@ This release includes the following bugfixes:
  o TFTP connect timouts less than 5 seconds
  o improved curl -w for TFTP transfers
  o memory leak when failed OpenSSL certificate CN field checking
+ o memory leak when OpenSSL failed PKCS #12 parsing
 
 This release includes the following known bugs:
 

diff --git a/lib/ssluse.c b/lib/ssluse.c
index 76c3bd846ba74d136b108be4946fe1b81e31e2cc..19412877cf0d2eb5cd848da7d9d99120f16fb318 100644 (file)
--- a/lib/ssluse.c
+++ b/lib/ssluse.c
@@ -377,6 +377,7 @@ int cert_stuff(struct connectdata *conn,
         failf(data,
               "could not parse PKCS12 file, check password, OpenSSL error %s",
               ERR_error_string(ERR_get_error(), NULL) );
+        PKCS12_free(p12);
         return 0;
       }