From: Timo Sirainen <timo.sirainen@open-xchange.com>
Date: Fri, 12 Jul 2019 07:16:26 +0000 (+0300)
Subject: config: Fix memory leaks when failing to convert ssl-parameters.dat
X-Git-Tag: 2.3.7~5
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=fffdea3fb170615d15c4cf6805babf5580785264;p=thirdparty%2Fdovecot%2Fcore.git

config: Fix memory leaks when failing to convert ssl-parameters.dat

If ssl_dh setting isn't set and ssl-parameters.dat isn't found or there's
some error reading it, memory is leaked for every config request. This
eventually results in config process dying due to reaching vsz_limit.
---

diff --git a/src/config/old-set-parser.c b/src/config/old-set-parser.c
index 3e4812af86..b084c7575d 100644
--- a/src/config/old-set-parser.c
+++ b/src/config/old-set-parser.c
@@ -90,9 +90,11 @@ bool old_settings_ssl_dh_load(const char **value, const char **error_r)
 		 */
 		/* check moved to correct place from here */
 		*value = NULL;
+		i_stream_unref(&is);
 		return TRUE;
 	} else if (is->stream_errno != 0) {
 		*error_r = t_strdup(i_stream_get_error(is));
+		i_stream_unref(&is);
 		return FALSE;
 	}
 
@@ -135,9 +137,11 @@ bool old_settings_ssl_dh_load(const char **value, const char **error_r)
 	} else if (is->stream_errno == ENOENT) {
 		/* check for empty ssl_dh elsewhere */
 		*value = NULL;
+		i_stream_unref(&is);
 		return TRUE;
 	} else {
 		*error_r = "ssl enabled, but ssl_dh not set";
+		i_stream_unref(&is);
 		return FALSE;
 	}
 	i_stream_unref(&is);