RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-05-05 09:18:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()

Browse Source 
Valgrind reports that the memory allocated in ssl_get_dh_1024() was leaking. Upon further inspection of openssl code, it seems that SSL_CTX_set_tmp_dh makes a copy of the data, so calling DH_free afterwards makes sense.
This commit is contained in:
Roberto Guimaraes 2016-06-11 15:58:10 -07:00 committed by Willy Tarreau
parent 4b788f7d34
commit 0ea4c23ca7
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/ssl_sock.c
View File

@ -1643,6 +1643,7 @@ int ssl_sock_load_dh_params(SSL_CTX *ctx, const char *file)
goto end; goto end;
SSL_CTX_set_tmp_dh(ctx, local_dh_1024); SSL_CTX_set_tmp_dh(ctx, local_dh_1024);
DH_free(local_dh_1024);
} }
else { else {
SSL_CTX_set_tmp_dh_callback(ctx, ssl_get_tmp_dh); SSL_CTX_set_tmp_dh_callback(ctx, ssl_get_tmp_dh);