ssl: improve 'first cert' check to avoid leaks
authorVictor Julien <victor@inliniac.net>
Sun, 19 Apr 2020 09:56:58 +0000 (11:56 +0200)
committerVictor Julien <victor@inliniac.net>
Tue, 28 Apr 2020 12:07:54 +0000 (14:07 +0200)
In some error conditions, or potentially in case of multiple 'certificate'
records, the extracted subject, issuerdn and serial could be overwritten
without freeing the original memory.

src/app-layer-ssl.c

index 691a3e7b3cd9333f6f5106953c2c911659fc07fb..d403fd9502aeef8d0e330e650691ae88492a48cc 100644 (file)
@@ -498,7 +498,11 @@ static int TlsDecodeHSCertificate(SSLState *ssl_state,
         int rc = 0;
 
         /* only store fields from the first certificate in the chain */
-        if (processed_len == 0) {
+        if (processed_len == 0 &&
+                ssl_state->server_connp.cert0_subject == NULL &&
+                ssl_state->server_connp.cert0_issuerdn == NULL &&
+                ssl_state->server_connp.cert0_serial == NULL)
+        {
             char * str;
             int64_t not_before, not_after;
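Review bot: The comment above the condition still describes only the `processed_len == 0` part, while the three added NULL checks also make a second Certificate record on the same connection (or a retry after a partial failure) skip extraction entirely, with nothing in the code saying why. I would extend the comment to something like `/* only store fields from the first certificate in the chain, and only once per connection: a non-NULL cert0_* field means an earlier record already owns that memory */`. Because the checks are joined with `&&`, a single field left set by an earlier error path keeps the other two NULL for the rest of the flow, so rules matching on subject, issuer or serial would see nothing for them. Whether an event is raised for the skipped record is not visible here, since the body of the `if` continues outside the hunk.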