From: William A. Rowe Jr <wrowe@apache.org>
Date: Tue, 29 Oct 2002 21:12:34 +0000 (+0000)
Subject:   Fix memory leak in mod_ssl from internal SSL library allocations
X-Git-Tag: 2.0.44~193
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ac212ecc65a540453ac64f420133e0208f8a6fb8;p=thirdparty%2Fapache%2Fhttpd.git

  Fix memory leak in mod_ssl from internal SSL library allocations
  within SSL_get_peer_certificate and X509_get_pubkey.

Submitted by:	Zvi Har'El <rl@math.technion.ac.il>
Reviewed by:	Madhusudan Mathihalli <madhusudan_mathihalli@hp.com>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@97344 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index d208dce7952..db36e11645d 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,10 @@
 Changes with Apache 2.0.44
 
+  *) Fix memory leak in mod_ssl from internal SSL library allocations
+     within SSL_get_peer_certificate and X509_get_pubkey.
+     [Zvi Har'El <rl@math.technion.ac.il>
+      Madhusudan Mathihalli <madhusudan_mathihalli@hp.com>].
+
   *) mod_ssl uses free() inappropriately in several places, to free
      memory which has been previously allocated inside OpenSSL.
      Such memory should be freed with OPENSSL_free(), not with free().
diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
index bf63baf4c1a..b387ccc9447 100644
--- a/modules/ssl/ssl_engine_init.c
+++ b/modules/ssl/ssl_engine_init.c
@@ -807,6 +807,7 @@ static int ssl_server_import_key(server_rec *s,
             ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
                     "Copying DSA parameters from private key to certificate");
             ssl_log_ssl_error(APLOG_MARK, APLOG_ERR, s);
+            EVP_PKEY_free(pubkey);
         }
     }