rustls: fix memory leak on repeated SSLKEYLOGFILE fails
authorDaniel Stenberg <daniel@haxx.se>
Thu, 23 Apr 2026 19:49:50 +0000 (21:49 +0200)
committerDaniel Stenberg <daniel@haxx.se>
Thu, 23 Apr 2026 20:58:39 +0000 (22:58 +0200)
Before this fix, Curl_tls_keylog_open() assigned the environment
variable result to a global keylog_file_name without freeing any prior
allocation. If the file cannot be opened (e.g., permission error)
keylog_file_fp stays NULL, so subsequent calls to Curl_tls_keylog_open
will overwrite keylog_file_name and leak the previous allocation.

Spotted by Codex Security

Closes #21427

lib/vtls/keylog.c

index 9ffda33276e4569bae60de1ebf25b3bd87358682..4ae2387a7a72305363acbc895aec9ca85bf410e7 100644 (file)
@@ -38,7 +38,7 @@ static char *keylog_file_name;
 void Curl_tls_keylog_open(void)
 {
   if(!keylog_file_fp) {
-    keylog_file_name = curl_getenv("SSLKEYLOGFILE");
+    keylog_file_name = getenv("SSLKEYLOGFILE");
     if(keylog_file_name) {
       keylog_file_fp = curlx_fopen(keylog_file_name, FOPEN_APPENDTEXT);
       if(keylog_file_fp) {
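Review bot: The pointer stored in the file-scope `keylog_file_name` by `keylog_file_name = getenv("SSLKEYLOGFILE");` is now borrowed from the process environment rather than owned. It can dangle if the environment is modified later, and the C standard does not require getenv() to be safe against concurrent environment changes. In the visible lines the name is consumed only by the `curlx_fopen()` call that follows, so a local `const char *name = getenv("SSLKEYLOGFILE");` would avoid keeping a long-lived static. If code outside this hunk still reads `keylog_file_name`, then Curl_tls_keylog_close() (second hunk, where the free was dropped) should reset it with `keylog_file_name = NULL;`, and the assignment deserves a comment such as `/* borrowed from getenv(), must not be freed */`. The body of Curl_tls_keylog_open() continues past the end of this hunk, so later uses of the name could not be checked.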
@@ -62,7 +62,6 @@ void Curl_tls_keylog_close(void)
     curlx_fclose(keylog_file_fp);
     keylog_file_fp = NULL;
   }
-  curlx_safefree(keylog_file_name);
 }
 
 bool Curl_tls_keylog_enabled(void)