]> git.ipfire.org Git - thirdparty/haproxy.git/commitdiff
projects / thirdparty / haproxy.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a2ec192)
BUG/MINOR: ssl: Memory leak of DH BIGNUM fields
authorRemi Tricot-Le Breton <rlebreton@haproxy.com>
Thu, 3 Nov 2022 14:16:47 +0000 (15:16 +0100)
committerWilliam Lallemand <wlallemand@haproxy.org>
Fri, 4 Nov 2022 10:40:29 +0000 (11:40 +0100)
When running HAProxy with OpenSSLv3, the two BIGNUMs used to build our
own DH parameters are not freed. It was not necessary previously because
ownership of those parameters was transferred to OpenSSL through the
DH_set0_pqg call.

This patch should be backported to 2.6.

src/ssl_sock.c patch | blob | blame | history

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 6b38d4031b453d28240d10fb861bc673f1672cac..2f76bb98669749add3eb61f9c03cb88a63099fb1 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -3073,6 +3073,8 @@ end:
        EVP_PKEY_CTX_free(ctx);
        OSSL_PARAM_free(params);
        OSSL_PARAM_BLD_free(tmpl);
+       BN_free(p);
+       BN_free(g);
        return pkey;
 #else
 
Mirror of https://github.com/haproxy/haproxy.git