authorTheo Buehler <tb@cvs.openbsd.org>2022-02-08 19:13:51 +0000
committerTheo Buehler <tb@cvs.openbsd.org>2022-02-08 19:13:51 +0000
commitd3f5fa799920accbfa41585681a46547ce2553ef (patch)
tree8ffbbc5a931f6f5c6f46f43221c0688bbeff9f5a
parenteb7459bdaaef9ae5dba504a0cea73b867eb665a6 (diff)
Plug a long standing leak in libtls CRL handling
X509_STORE_add_crl() does not take ownership of the CRL, it bumps its refcount. So nulling out the CRL from the stack will leak it. Issue reported by KS Sreeram, thanks! ok jsing
-rw-r--r--lib/libtls/tls.c3
1 files changed, 1 insertions, 2 deletions
diff --git a/lib/libtls/tls.c b/lib/libtls/tls.c
index fd525aa428a..ff33ebe53e1 100644
--- a/lib/libtls/tls.c
+++ b/lib/libtls/tls.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls.c,v 1.93 2022/01/25 21:51:24 eric Exp $ */
+/* $OpenBSD: tls.c,v 1.94 2022/02/08 19:13:50 tb Exp $ */
/*
* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
*
@@ -647,7 +647,6 @@ tls_configure_ssl_verify(struct tls *ctx, SSL_CTX *ssl_ctx, int verify)
tls_set_error(ctx, "failed to add crl");
goto err;
}
- xi->crl = NULL;
}
X509_STORE_set_flags(store,
X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL);
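Review bot: Nothing in the patched loop records why the CRL is left on the stack after being added, so the `xi->crl = NULL;` this commit removes is the kind of line a future "avoid double free" cleanup would put straight back. The commit message states the reason — X509_STORE_add_crl() takes its own reference rather than ownership — and that belongs next to the add call, which sits just above this hunk: `/* X509_STORE_add_crl() bumps the refcount; xi keeps ownership of the CRL. */`. If the surrounding loop follows the same shape for certificates (X509_STORE_add_cert() has the same reference semantics), the comment would be worth placing once above both. tls_configure_ssl_verify() begins and ends outside the hunk.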