Bug 3114: Memory leak in SSL certificate verify code

diff --git a/src/ssl_support.cc b/src/ssl_support.cc
index 546c4cbd541382fec09c5801b064424fb9b8b3e3..a3abb017e62f7cfbdbbd82c869cac1d749431069 100644 (file)
--- a/src/ssl_support.cc
+++ b/src/ssl_support.cc
@@ -178,8 +178,10 @@ int Ssl::matchX509CommonNames(X509 *peer_cert, void *check_data, int (*check_fun
             }
             ASN1_STRING *cn_data = check->d.dNSName;
 
-            if ( (*check_func)(check_data, cn_data) == 0)
+            if ( (*check_func)(check_data, cn_data) == 0) {
+                sk_GENERAL_NAME_pop_free(altnames, GENERAL_NAME_free);
                 return 1;
+            }
         }
         sk_GENERAL_NAME_pop_free(altnames, GENERAL_NAME_free);
     }