From: William Lallemand <wlallemand@haproxy.org>
Date: Thu, 23 Jan 2020 10:53:13 +0000 (+0100)
Subject: BUG/MINOR: ssl: memory leak w/ the ocsp_issuer
X-Git-Tag: v2.2-dev2~99
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5c3c96fd361f7ab6ae237af802d04fe31720da1b;p=thirdparty%2Fhaproxy.git

BUG/MINOR: ssl: memory leak w/ the ocsp_issuer

This patch frees the ocsp_issuer in
ssl_sock_free_cert_key_and_chain_contents().

Shoudl be backported in 2.1.
---

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index db9621b21b..38e95fad28 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -3126,6 +3126,10 @@ static void ssl_sock_free_cert_key_and_chain_contents(struct cert_key_and_chain
 		free(ckch->ocsp_response);
 		ckch->ocsp_response = NULL;
 	}
+
+	if (ckch->ocsp_issuer)
+		X509_free(ocsp_issuer);
+	ckch->ocsp_issuer = NULL;
 }
 
 /*