]> git.ipfire.org Git - thirdparty/squid.git/commit
projects / thirdparty / squid.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 94bdd49) | patch
Do not leak Security::CertErrors created in X509_verify_cert() (#1346)
authorAlex Rousskov <rousskov@measurement-factory.com>
Wed, 10 May 2023 20:45:27 +0000 (20:45 +0000)
committerAmos Jeffries <yadij@users.noreply.github.com>
Thu, 18 May 2023 05:17:12 +0000 (17:17 +1200)
commitda51ab3dd34f4935f016587b75ebdefa15f85b62
treeede04128cb66e2fdd8410d42aadec0cc646ec8b7tree
parent94bdd4902d24ddb47770fc033f88141e5c569ec0commit | diff
Do not leak Security::CertErrors created in X509_verify_cert() (#1346)

ACLFilledChecklist was using a raw C pointer for handling cbdata-managed
Security::CertErrors. Some sslErrors users knew about hidden cbdata
requirements, some did not, resulting in inconsistent locking/unlocking
and associated memory leaks. Upgrading ACLFilledChecklist::sslErrors to
smart CbcPointer fixes those leaks (and simplifies code).
src/acl/FilledChecklist.cc diff | blob | blame | history
src/acl/FilledChecklist.h diff | blob | blame | history
src/acl/SslError.cc diff | blob | blame | history
src/client_side.cc diff | blob | blame | history
src/security/PeerConnector.cc diff | blob | blame | history
src/ssl/ServerBump.cc diff | blob | blame | history
src/ssl/ServerBump.h diff | blob | blame | history
src/ssl/support.cc diff | blob | blame | history
Mirror of https://github.com/squid-cache/squid.git