BUG/MINOR: ssl: EVP_PKEY must be freed after X509_get_pubkey usage
authorEmmanuel Hocdet <manu@gandi.net>
Fri, 6 Jan 2017 11:57:46 +0000 (12:57 +0100)
committerWilly Tarreau <w@1wt.eu>
Wed, 11 Jan 2017 11:44:40 +0000 (12:44 +0100)
"X509_get_pubkey() attempts to decode the public key for certificate x.
If successful it returns the public key as an EVP_PKEY pointer with its
reference count incremented: this means the returned key must be freed
up after use."

src/ssl_sock.c

index acf1c39ce3acf6a55429f0e1743dbc4655c25b01..32f290b452af9801e3777809ee44787b978d75d2 100644 (file)
@@ -834,11 +834,14 @@ static int ssl_sock_load_ocsp(SSL_CTX *ctx, const char *cert_path)
 
        if (!callback) {
                struct ocsp_cbk_arg *cb_arg = calloc(1, sizeof(*cb_arg));
+               EVP_PKEY *pkey;
 
                cb_arg->is_single = 1;
                cb_arg->s_ocsp = iocsp;
 
-               cb_arg->single_kt = EVP_PKEY_base_id(X509_get_pubkey(x));
+               pkey = X509_get_pubkey(x);
+               cb_arg->single_kt = EVP_PKEY_base_id(pkey);
+               EVP_PKEY_free(pkey);
 
                SSL_CTX_set_tlsext_status_cb(ctx, ssl_sock_ocsp_stapling_cbk);
                SSL_CTX_set_tlsext_status_arg(ctx, cb_arg);
@@ -851,6 +854,7 @@ static int ssl_sock_load_ocsp(SSL_CTX *ctx, const char *cert_path)
                struct certificate_ocsp *tmp_ocsp;
                int index;
                int key_type;
+               EVP_PKEY *pkey;
 
 #ifdef SSL_CTX_get_tlsext_status_arg
                SSL_CTX_ctrl(ctx, SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG, 0, &cb_arg);
@@ -869,7 +873,10 @@ static int ssl_sock_load_ocsp(SSL_CTX *ctx, const char *cert_path)
                cb_arg->is_single = 0;
                cb_arg->single_kt = 0;
 
-               key_type = EVP_PKEY_base_id(X509_get_pubkey(x));
+               pkey = X509_get_pubkey(x);
+               key_type = EVP_PKEY_base_id(pkey);
+               EVP_PKEY_free(pkey);
+
                index = ssl_sock_get_ocsp_arg_kt_index(key_type);
                if (index >= 0 && !cb_arg->m_ocsp[index])
                        cb_arg->m_ocsp[index] = iocsp;
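Review bot: The new code hands the result of `X509_get_pubkey(x)` straight to `EVP_PKEY_base_id(pkey)` in both the single-key branch (first hunk) and the multi-key branch (third hunk) without a NULL check, and X509_get_pubkey() returns NULL when the certificate's public key cannot be decoded, so a malformed certificate would dereference a null pointer at that call (`EVP_PKEY_free(NULL)` itself is harmless, so the new free is fine). Each assignment should be followed by a guard such as `if (!pkey) { /* take ssl_sock_load_ocsp's existing failure path */ }`; the function's error convention (return value or cleanup label) lies outside the hunks, so I cannot name the exact exit it should use. The unchecked `calloc()` for `cb_arg` just above the first added line is a pre-existing context line, not part of this change, but it sits next to the new code and deserves the same treatment in a follow-up.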