diff options
| author | Theo Buehler <tb@cvs.openbsd.org> | 2022-02-08 19:13:51 +0000 |
|---|---|---|
| committer | Theo Buehler <tb@cvs.openbsd.org> | 2022-02-08 19:13:51 +0000 |
| commit | d3f5fa799920accbfa41585681a46547ce2553ef (patch) | |
| tree | 8ffbbc5a931f6f5c6f46f43221c0688bbeff9f5a /lib/libtls/tls.c | |
| parent | eb7459bdaaef9ae5dba504a0cea73b867eb665a6 (diff) | |
Plug a long standing leak in libtls CRL handling
X509_STORE_add_crl() does not take ownership of the CRL, it bumps its
refcount. So nulling out the CRL from the stack will leak it.
Issue reported by KS Sreeram, thanks!
ok jsing
Diffstat (limited to 'lib/libtls/tls.c')
| -rw-r--r-- | lib/libtls/tls.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/lib/libtls/tls.c b/lib/libtls/tls.c index fd525aa428a..ff33ebe53e1 100644 --- a/lib/libtls/tls.c +++ b/lib/libtls/tls.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls.c,v 1.93 2022/01/25 21:51:24 eric Exp $ */ +/* $OpenBSD: tls.c,v 1.94 2022/02/08 19:13:50 tb Exp $ */ /* * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> * @@ -647,7 +647,6 @@ tls_configure_ssl_verify(struct tls *ctx, SSL_CTX *ssl_ctx, int verify) tls_set_error(ctx, "failed to add crl"); goto err; } - xi->crl = NULL; } X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL); |