From: Victor Julien Date: Mon, 20 Jan 2014 11:42:59 +0000 (+0100) Subject: app-layer-ssl: fix unusual memory leak X-Git-Tag: suricata-2.0rc1~186 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=32271bdb66b5d6bee49b9c96c26c144a0532e533;p=thirdparty%2Fsuricata.git app-layer-ssl: fix unusual memory leak In some cases the TLS state pointers to subject and issuerdn could be overwritten by a new memory allocation, causing us to loose track of the old. This has been observed in the case of improper VLAN handling, where it was suspected that multiple unrelated TLS streams were mangled together. --- diff --git a/src/app-layer-tls-handshake.c b/src/app-layer-tls-handshake.c index de596b461d..022547cdeb 100644 --- a/src/app-layer-tls-handshake.c +++ b/src/app-layer-tls-handshake.c @@ -130,7 +130,8 @@ int DecodeTLSHandshakeServerCertificate(SSLState *ssl_state, uint8_t *input, uin SSLCertsChain *ncert; //SCLogInfo("TLS Cert %d: %s\n", i, buffer); if (i == 0) { - ssl_state->server_connp.cert0_subject = SCStrdup(buffer); + if (ssl_state->server_connp.cert0_subject == NULL) + ssl_state->server_connp.cert0_subject = SCStrdup(buffer); if (ssl_state->server_connp.cert0_subject == NULL) { DerFree(cert); return -1; @@ -152,7 +153,8 @@ int DecodeTLSHandshakeServerCertificate(SSLState *ssl_state, uint8_t *input, uin } else { //SCLogInfo("TLS IssuerDN %d: %s\n", i, buffer); if (i == 0) { - ssl_state->server_connp.cert0_issuerdn = SCStrdup(buffer); + if (ssl_state->server_connp.cert0_issuerdn == NULL) + ssl_state->server_connp.cert0_issuerdn = SCStrdup(buffer); if (ssl_state->server_connp.cert0_issuerdn == NULL) { DerFree(cert); return -1;