BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()
authorRemi Gacogne <rgacogne-github@coredump.fr>
Sat, 2 Jul 2016 14:26:10 +0000 (16:26 +0200)
committerWilly Tarreau <w@1wt.eu>
Tue, 12 Jul 2016 09:48:06 +0000 (11:48 +0200)
Roberto Guimaraes reported that Valgrind complains about a leak
in ssl_get_dh_1024().
This is caused by an oversight in ssl_sock_load_dh_params(),
where local_dh_1024 is always replaced by a new DH object even if
it already holds one. This patch simply checks whether local_dh_1024
is NULL before calling ssl_get_dh_1024().

src/ssl_sock.c

index f24761822fdae81a232628705bab8fd1fdf2c918..e5a6f0a5617bbbdb93e8fcf262809ce46ac5fc0e 100644 (file)
@@ -1638,7 +1638,9 @@ int ssl_sock_load_dh_params(SSL_CTX *ctx, const char *file)
 
                if (global.tune.ssl_default_dh_param <= 1024) {
                        /* we are limited to DH parameter of 1024 bits anyway */
-                       local_dh_1024 = ssl_get_dh_1024();
+                       if (local_dh_1024 == NULL)
+                               local_dh_1024 = ssl_get_dh_1024();
+
                        if (local_dh_1024 == NULL)
                                goto end;
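Review bot: The added guard `if (local_dh_1024 == NULL)` is only correct if local_dh_1024 persists across calls, and its declaration is not visible in this hunk, so a one-line comment above the guard would help: `/* reuse the DH object from an earlier call; ssl_get_dh_1024() allocates a new one each time */`. The two back-to-back identical NULL tests are also easy to misread as a duplicate; moving the `goto end` check inside the first test would keep the allocation and its failure path together. Where the cached object is eventually released cannot be seen here, so it is worth confirming that a matching `DH_free()` exists on the shutdown path, otherwise Valgrind will still report the single remaining allocation. ssl_sock_load_dh_params() starts and ends outside the hunk.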