RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-03-11 05:48:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

BUG/MINOR: ssl: double free w/ smp_fetch_ssl_x_chain_der()

Browse Source 
smp_fetch_ssl_x_chain_der() uses the SSL_get_peer_cert_chain() which
does not increment the refcount of the chain, so it should not be free'd.

The bug was introduced by a598b50 ("MINOR: ssl: add ssl_{c,s}_chain_der
fetch methods"). No backport needed.
This commit is contained in:
William Lallemand 2020-08-11 11:18:46 +02:00 committed by William Lallemand
parent b36dcc66ed
commit e3a5f84e53
1 changed files with 0 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/ssl_sample.c
View File

@ -198,8 +198,6 @@ smp_fetch_ssl_x_chain_der(const struct arg *args, struct sample *smp, const char
out:
if (tmp_trash)
free_trash_chunk(tmp_trash);
if (certs)
sk_X509_pop_free(certs, X509_free);
return ret;
}