From: Emeric Brun <ebrun@exceliance.fr>
Date: Tue, 17 Sep 2013 13:19:54 +0000 (+0200)
Subject: BUG/MEDIUM: ssl: potential memory leak using verifyhost
X-Git-Tag: v1.5-dev20~281
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=4ad50a469db95965e71af211e4d2628af8a5d9dc;p=thirdparty%2Fhaproxy.git

BUG/MEDIUM: ssl: potential memory leak using verifyhost

If server certificate presents dns aliases, a memory leak appears
on health checks when 'verifyhost' statement is used.
---

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index a55a5bf4ce..4ae27fc304 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -861,6 +861,7 @@ static int ssl_sock_srv_verifycbk(int ok, X509_STORE_CTX *ctx)
 				}
 			}
 		}
+		sk_GENERAL_NAME_pop_free(alt_names, GENERAL_NAME_free);
 	}
 
 	cert_subject = X509_get_subject_name(cert);