[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gnurl] 32/411: schannel: fix memory leak when using get_cert_location
|
From: |
gnunet |
|
Subject: |
[gnurl] 32/411: schannel: fix memory leak when using get_cert_location |
|
Date: |
Wed, 13 Jan 2021 01:17:27 +0100 |
This is an automated email from the git hooks/post-receive script.
nikita pushed a commit to branch master
in repository gnurl.
commit 01e2679b4972e4cd15290d0e1b05cd0988cb5b5e
Author: fullincome <fullincome@fullincome.ru>
AuthorDate: Wed Aug 26 13:15:15 2020 +0300
schannel: fix memory leak when using get_cert_location
The get_cert_location function allocates memory only on success.
Previously get_cert_location was able to allocate memory and return
error. It wasn't obvious and in this case the memory wasn't
released.
Fixes #5855
Closes #5860
---
lib/vtls/schannel.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
index 1c1432d75..4707ecfec 100644
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@@ -346,6 +346,8 @@ set_ssl_ciphers(SCHANNEL_CRED *schannel_cred, char *ciphers)
}
#ifdef HAS_CLIENT_CERT_PATH
+
+/* Function allocates memory for store_path only if CURLE_OK is returned */
static CURLcode
get_cert_location(TCHAR *path, DWORD *store_name, TCHAR **store_path,
TCHAR **thumbprint)
@@ -388,16 +390,16 @@ get_cert_location(TCHAR *path, DWORD *store_name, TCHAR
**store_path,
if(sep == NULL)
return CURLE_SSL_CERTPROBLEM;
+ *thumbprint = sep + 1;
+ if(_tcslen(*thumbprint) != CERT_THUMBPRINT_STR_LEN)
+ return CURLE_SSL_CERTPROBLEM;
+
*sep = TEXT('\0');
*store_path = _tcsdup(store_path_start);
*sep = TEXT('\\');
if(*store_path == NULL)
return CURLE_OUT_OF_MEMORY;
- *thumbprint = sep + 1;
- if(_tcslen(*thumbprint) != CERT_THUMBPRINT_STR_LEN)
- return CURLE_SSL_CERTPROBLEM;
-
return CURLE_OK;
}
#endif
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [gnurl] 24/411: multi: implement wait using winsock events, (continued)
- [gnurl] 24/411: multi: implement wait using winsock events, gnunet, 2021/01/12
- [gnurl] 12/411: setopt: if the buffer exists, refuse the new BUFFERSIZE, gnunet, 2021/01/12
- [gnurl] 13/411: etag: save and use the full received contents, gnunet, 2021/01/12
- [gnurl] 27/411: winbuild: convert the instruction text to README.md, gnunet, 2021/01/12
- [gnurl] 15/411: checksrc: verify do-while and spaces between the braces, gnunet, 2021/01/12
- [gnurl] 59/411: docs: add description about CI platforms to CONTRIBUTE.md, gnunet, 2021/01/12
- [gnurl] 67/411: curl.1: add see also no-progress-meter on two spots, gnunet, 2021/01/12
- [gnurl] 41/411: docs/libcurl: update "Added in" version for curl_easy_option*, gnunet, 2021/01/12
- [gnurl] 35/411: openssl: Fix wincrypt symbols conflict with BoringSSL, gnunet, 2021/01/12
- [gnurl] 18/411: configure: fix pkg-config detecting wolfssl, gnunet, 2021/01/12
- [gnurl] 32/411: schannel: fix memory leak when using get_cert_location,
gnunet <=
- [gnurl] 10/411: CURLE_PROXY: new error code, gnunet, 2021/01/12
- [gnurl] 43/411: buildconf: invoke 'autoreconf -fi' instead, gnunet, 2021/01/12
- [gnurl] 49/411: multi: handle connection state winsock events, gnunet, 2021/01/12
- [gnurl] 57/411: ntlm: fix condition for curl_ntlm_core usage, gnunet, 2021/01/12
- [gnurl] 68/411: cmdline-opts/gen.pl: generate nicer "See Also" in curl.1, gnunet, 2021/01/12
- [gnurl] 42/411: lib: make Curl_gethostname accept a const pointer, gnunet, 2021/01/12
- [gnurl] 66/411: RELEASE-NOTES: synced, gnunet, 2021/01/12
- [gnurl] 39/411: configure: added --disable-get-easy-options, gnunet, 2021/01/12
- [gnurl] 53/411: RELEASE-NOTES: synced, gnunet, 2021/01/12
- [gnurl] 65/411: mqtt: enable by default, gnunet, 2021/01/12