]> git.ipfire.org Git - thirdparty/dovecot/core.git/commitdiff
projects / thirdparty / dovecot / core.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: daf13a6)
lib-ssl-iostream: Fix memory leak when storing JA3 string
authorTimo Sirainen <timo.sirainen@open-xchange.com>
Sat, 17 Jun 2023 20:57:18 +0000 (23:57 +0300)
committerTimo Sirainen <timo.sirainen@open-xchange.com>
Sat, 17 Jun 2023 20:57:18 +0000 (23:57 +0300)
Broken by 3ca8852ec531b83c86c30b890b7f0200cf86105a

src/lib-ssl-iostream/iostream-openssl-context.c patch | blob | blame | history
src/lib-ssl-iostream/iostream-openssl.c patch | blob | blame | history
src/lib-ssl-iostream/iostream-openssl.h patch | blob | blame | history

diff --git a/src/lib-ssl-iostream/iostream-openssl-context.c b/src/lib-ssl-iostream/iostream-openssl-context.c
index 32eb9705827818e31fa35c2738d4f4e5939b00a8..492d63b06b1cbbd72092d7f6aa6cc8a71d7222f9 100644 (file)
--- a/src/lib-ssl-iostream/iostream-openssl-context.c
+++ b/src/lib-ssl-iostream/iostream-openssl-context.c
@@ -456,7 +456,7 @@ static int ssl_clienthello_callback(SSL *ssl, int *al ATTR_UNUSED,
        int ver = SSL_version(ssl)-1;
        const unsigned char *ciphers = NULL;
        size_t nciphers = 0;
-       string_t *ja3 = str_new(ssl_io->ctx->pool, 64);
+       string_t *ja3 = t_str_new(64);
 
        str_printfa(ja3, "%d,", ver);
        nciphers = SSL_client_hello_get0_ciphers(ssl, &ciphers);
@@ -521,7 +521,8 @@ static int ssl_clienthello_callback(SSL *ssl, int *al ATTR_UNUSED,
        }
 
        /* Store ja3 string */
-       ssl_io->ja3_str = str_c(ja3);
+       i_free(ssl_io->ja3_str);
+       ssl_io->ja3_str = i_strdup(str_c(ja3));
 
        return SSL_CLIENT_HELLO_SUCCESS;
 }
diff --git a/src/lib-ssl-iostream/iostream-openssl.c b/src/lib-ssl-iostream/iostream-openssl.c
index fa9afb22f7da257ac1fe6bcef7809476542bcba7..d53134902f63d432f338322127a26874e5abb1bc 100644 (file)
--- a/src/lib-ssl-iostream/iostream-openssl.c
+++ b/src/lib-ssl-iostream/iostream-openssl.c
@@ -360,6 +360,7 @@ static void openssl_iostream_free(struct ssl_iostream *ssl_io)
        i_stream_unref(&ssl_io->plain_input);
        BIO_free(ssl_io->bio_ext);
        SSL_free(ssl_io->ssl);
+       i_free(ssl_io->ja3_str);
        i_free(ssl_io->plain_stream_errstr);
        i_free(ssl_io->last_error);
        i_free(ssl_io->connected_host);
diff --git a/src/lib-ssl-iostream/iostream-openssl.h b/src/lib-ssl-iostream/iostream-openssl.h
index fabc9a072316e62223d7f49c57b4ba72fc99a212..065ab47564bae3d751b7a824533716d6366868c3 100644 (file)
--- a/src/lib-ssl-iostream/iostream-openssl.h
+++ b/src/lib-ssl-iostream/iostream-openssl.h
@@ -47,7 +47,7 @@ struct ssl_iostream {
        char *sni_host;
        char *last_error;
        char *plain_stream_errstr;
-       const char *ja3_str;
+       char *ja3_str;
        int plain_stream_errno;
 
        /* copied settings */
Mirror of https://github.com/dovecot/core.git