ruby-changes:43945
From: nagachika <ko1@a...>
Date: Sat, 27 Aug 2016 03:49:01 +0900 (JST)
Subject: [ruby-changes:43945] nagachika:r56018 (ruby_2_3): backport fix memory leak from upstream.
nagachika 2016-08-27 03:48:55 +0900 (Sat, 27 Aug 2016) New Revision: 56018 https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=56018 Log: backport fix memory leak from upstream. https://github.com/ruby/openssl/compare/3a2840e80d275895523a526ce56e4f6e7b8f9cc4...1e30cd395b14ef46e04bdd9ab72f10067890b265 patches are provided by rhe (Kazuki Yamaguchi). * ext/openssl/ossl_config.c: fix memory leak. [ruby-core:76922] [Bug #12680] * ext/openssl/ossl_ocsp.c: ditto. * ext/openssl/ossl_pkcs12.c: ditto. * ext/openssl/ossl_pkcs7.c: ditto. * ext/openssl/ossl_pkey_ec.c: ditto. * ext/openssl/ossl_x509.h: ditto. * ext/openssl/ossl_x509attr.c: ditto. * ext/openssl/ossl_x509crl.c: ditto. * ext/openssl/ossl_x509ext.c: ditto. * ext/openssl/ossl_x509req.c: ditto. * ext/openssl/ossl_x509revoked.c: ditto. Modified files: branches/ruby_2_3/ChangeLog branches/ruby_2_3/ext/openssl/ossl_config.c branches/ruby_2_3/ext/openssl/ossl_config.h branches/ruby_2_3/ext/openssl/ossl_ocsp.c branches/ruby_2_3/ext/openssl/ossl_pkcs12.c branches/ruby_2_3/ext/openssl/ossl_pkcs7.c branches/ruby_2_3/ext/openssl/ossl_pkey_ec.c branches/ruby_2_3/ext/openssl/ossl_x509.h branches/ruby_2_3/ext/openssl/ossl_x509attr.c branches/ruby_2_3/ext/openssl/ossl_x509crl.c branches/ruby_2_3/ext/openssl/ossl_x509ext.c branches/ruby_2_3/ext/openssl/ossl_x509req.c branches/ruby_2_3/ext/openssl/ossl_x509revoked.c branches/ruby_2_3/version.h Index: ruby_2_3/version.h =================================================================== --- ruby_2_3/version.h (revision 56017) +++ ruby_2_3/version.h (revision 56018) @@ -1,10 +1,10 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_3/version.h#L1 #define RUBY_VERSION "2.3.2" -#define RUBY_RELEASE_DATE "2016-08-25" -#define RUBY_PATCHLEVEL 178 +#define RUBY_RELEASE_DATE "2016-08-27" +#define RUBY_PATCHLEVEL 179 #define RUBY_RELEASE_YEAR 2016 #define RUBY_RELEASE_MONTH 8 -#define RUBY_RELEASE_DAY 25 +#define RUBY_RELEASE_DAY 27 #include "ruby/version.h" Index: ruby_2_3/ext/openssl/ossl_x509revoked.c =================================================================== --- ruby_2_3/ext/openssl/ossl_x509revoked.c (revision 56017) +++ ruby_2_3/ext/openssl/ossl_x509revoked.c (revision 56018) @@ -200,7 +200,7 @@ ossl_x509revoked_set_extensions(VALUE se https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_x509revoked.c#L200 rev->extensions = NULL; for (i=0; i<RARRAY_LEN(ary); i++) { item = RARRAY_AREF(ary, i); - ext = DupX509ExtPtr(item); + ext = GetX509ExtPtr(item); if(!X509_REVOKED_add_ext(rev, ext, -1)) { ossl_raise(eX509RevError, NULL); } @@ -215,7 +215,7 @@ ossl_x509revoked_add_extension(VALUE sel https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_x509revoked.c#L215 X509_REVOKED *rev; GetX509Rev(self, rev); - if(!X509_REVOKED_add_ext(rev, DupX509ExtPtr(ext), -1)) { + if (!X509_REVOKED_add_ext(rev, GetX509ExtPtr(ext), -1)) { ossl_raise(eX509RevError, NULL); } Index: ruby_2_3/ext/openssl/ossl_x509ext.c =================================================================== --- ruby_2_3/ext/openssl/ossl_x509ext.c (revision 56017) +++ ruby_2_3/ext/openssl/ossl_x509ext.c (revision 56018) @@ -188,24 +188,6 @@ ossl_x509extfactory_set_crl(VALUE self, https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_x509ext.c#L188 return crl; } -#ifdef HAVE_X509V3_SET_NCONF -static VALUE -ossl_x509extfactory_set_config(VALUE self, VALUE config) -{ - X509V3_CTX *ctx; - CONF *conf; - - GetX509ExtFactory(self, ctx); - rb_iv_set(self, "@config", config); - conf = GetConfigPtr(config); /* NO DUP NEEDED */ - X509V3_set_nconf(ctx, conf); - - return config; -} -#else -#define ossl_x509extfactory_set_config rb_f_notimplement -#endif - static VALUE ossl_x509extfactory_initialize(int argc, VALUE *argv, VALUE self) { @@ -264,8 +246,9 @@ ossl_x509extfactory_create_ext(int argc, https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_x509ext.c#L246 obj = NewX509Ext(cX509Ext); #ifdef HAVE_X509V3_EXT_NCONF_NID rconf = rb_iv_get(self, "@config"); - conf = NIL_P(rconf) ? NULL : GetConfigPtr(rconf); + conf = NIL_P(rconf) ? NULL : DupConfigPtr(rconf); ext = X509V3_EXT_nconf_nid(conf, ctx, nid, RSTRING_PTR(valstr)); + NCONF_free(conf); #else if (!empty_lhash) empty_lhash = lh_new(NULL, NULL); ext = X509V3_EXT_conf_nid(empty_lhash, ctx, nid, RSTRING_PTR(valstr)); @@ -339,14 +322,16 @@ ossl_x509ext_set_oid(VALUE self, VALUE o https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_x509ext.c#L322 { X509_EXTENSION *ext; ASN1_OBJECT *obj; - char *s; - s = StringValuePtr(oid); - obj = OBJ_txt2obj(s, 0); - if(!obj) obj = OBJ_txt2obj(s, 1); - if(!obj) ossl_raise(eX509ExtError, NULL); GetX509Ext(self, ext); - X509_EXTENSION_set_object(ext, obj); + obj = OBJ_txt2obj(StringValueCStr(oid), 0); + if (!obj) + ossl_raise(eX509ExtError, "OBJ_txt2obj"); + if (!X509_EXTENSION_set_object(ext, obj)) { + ASN1_OBJECT_free(obj); + ossl_raise(eX509ExtError, "X509_EXTENSION_set_object"); + } + ASN1_OBJECT_free(obj); return oid; } @@ -356,25 +341,16 @@ ossl_x509ext_set_value(VALUE self, VALUE https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_x509ext.c#L341 { X509_EXTENSION *ext; ASN1_OCTET_STRING *asn1s; - char *s; + GetX509Ext(self, ext); data = ossl_to_der_if_possible(data); StringValue(data); - if(!(s = OPENSSL_malloc(RSTRING_LEN(data)))) - ossl_raise(eX509ExtError, "malloc error"); - memcpy(s, RSTRING_PTR(data), RSTRING_LEN(data)); - if(!(asn1s = ASN1_OCTET_STRING_new())){ - OPENSSL_free(s); - ossl_raise(eX509ExtError, NULL); - } - if(!M_ASN1_OCTET_STRING_set(asn1s, s, RSTRING_LENINT(data))){ - OPENSSL_free(s); - ASN1_OCTET_STRING_free(asn1s); - ossl_raise(eX509ExtError, NULL); + asn1s = X509_EXTENSION_get_data(ext); + + if (!ASN1_OCTET_STRING_set(asn1s, (unsigned char *)RSTRING_PTR(data), + RSTRING_LENINT(data))) { + ossl_raise(eX509ExtError, "ASN1_OCTET_STRING_set"); } - OPENSSL_free(s); - GetX509Ext(self, ext); - X509_EXTENSION_set_data(ext, asn1s); return data; } @@ -476,13 +452,12 @@ Init_ossl_x509ext(void) https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_x509ext.c#L452 rb_attr(cX509ExtFactory, rb_intern("subject_certificate"), 1, 0, Qfalse); rb_attr(cX509ExtFactory, rb_intern("subject_request"), 1, 0, Qfalse); rb_attr(cX509ExtFactory, rb_intern("crl"), 1, 0, Qfalse); - rb_attr(cX509ExtFactory, rb_intern("config"), 1, 0, Qfalse); + rb_attr(cX509ExtFactory, rb_intern("config"), 1, 1, Qfalse); rb_define_method(cX509ExtFactory, "issuer_certificate=", ossl_x509extfactory_set_issuer_cert, 1); rb_define_method(cX509ExtFactory, "subject_certificate=", ossl_x509extfactory_set_subject_cert, 1); rb_define_method(cX509ExtFactory, "subject_request=", ossl_x509extfactory_set_subject_req, 1); rb_define_method(cX509ExtFactory, "crl=", ossl_x509extfactory_set_crl, 1); - rb_define_method(cX509ExtFactory, "config=", ossl_x509extfactory_set_config, 1); rb_define_method(cX509ExtFactory, "create_ext", ossl_x509extfactory_create_ext, -1); cX509Ext = rb_define_class_under(mX509, "Extension", rb_cObject); Index: ruby_2_3/ext/openssl/ossl_pkcs7.c =================================================================== --- ruby_2_3/ext/openssl/ossl_pkcs7.c (revision 56017) +++ ruby_2_3/ext/openssl/ossl_pkcs7.c (revision 56018) @@ -755,7 +755,9 @@ ossl_pkcs7_verify(int argc, VALUE *argv, https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_pkcs7.c#L755 VALUE data; const char *msg; + GetPKCS7(self, p7); rb_scan_args(argc, argv, "22", &certs, &store, &indata, &flags); + x509st = GetX509StorePtr(store); flg = NIL_P(flags) ? 0 : NUM2INT(flags); if(NIL_P(indata)) indata = ossl_pkcs7_get_data(self); in = NIL_P(indata) ? NULL : ossl_obj2bio(indata); @@ -767,8 +769,6 @@ ossl_pkcs7_verify(int argc, VALUE *argv, https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_pkcs7.c#L769 rb_jump_tag(status); } } - x509st = GetX509StorePtr(store); - GetPKCS7(self, p7); if(!(out = BIO_new(BIO_s_mem()))){ BIO_free(in); sk_X509_pop_free(x509s, X509_free); @@ -776,13 +776,13 @@ ossl_pkcs7_verify(int argc, VALUE *argv, https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_pkcs7.c#L776 } ok = PKCS7_verify(p7, x509s, x509st, in, out, flg); BIO_free(in); - if (ok < 0) ossl_raise(ePKCS7Error, NULL); + sk_X509_pop_free(x509s, X509_free); + if (ok < 0) ossl_raise(ePKCS7Error, "PKCS7_verify"); msg = ERR_reason_error_string(ERR_get_error()); ossl_pkcs7_set_err_string(self, msg ? rb_str_new2(msg) : Qnil); ERR_clear_error(); data = ossl_membio2str(out); ossl_pkcs7_set_data(self, data); - sk_X509_pop_free(x509s, X509_free); return (ok == 1) ? Qtrue : Qfalse; } @@ -822,12 +822,12 @@ ossl_pkcs7_add_data(VALUE self, VALUE da https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_pkcs7.c#L822 char buf[4096]; int len; - in = ossl_obj2bio(data); GetPKCS7(self, pkcs7); if(PKCS7_type_is_signed(pkcs7)){ if(!PKCS7_content_new(pkcs7, NID_pkcs7_data)) ossl_raise(ePKCS7Error, NULL); } + in = ossl_obj2bio(data); if(!(out = PKCS7_dataInit(pkcs7, NULL))) goto err; for(;;){ if((len = BIO_read(in, buf, sizeof(buf))) <= 0) @@ -839,7 +839,7 @@ ossl_pkcs7_add_data(VALUE self, VALUE da https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_pkcs7.c#L839 ossl_pkcs7_set_data(self, Qnil); err: - BIO_free(out); + BIO_free_all(out); BIO_free(in); if(ERR_peek_error()){ ossl_raise(ePKCS7Error, NULL); Index: ruby_2_3/ext/openssl/ossl_pkcs12.c =================================================================== --- ruby_2_3/ext/openssl/ossl_pkcs12.c (revision 56017) +++ ruby_2_3/ext/openssl/ossl_pkcs12.c (revision 56018) @@ -104,7 +104,6 @@ ossl_pkcs12_s_create(int argc, VALUE *ar https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_pkcs12.c#L104 friendlyname = NIL_P(name) ? NULL : StringValuePtr(name); key = GetPKeyPtr(pkey); x509 = GetX509CertPtr(cert); - x509s = NIL_P(ca) ? NULL : ossl_x509_ary2sk(ca); /* TODO: make a VALUE to nid function */ if (!NIL_P(key_nid)) { if ((nkey = OBJ_txt2nid(StringValuePtr(key_nid))) == NID_undef) @@ -122,6 +121,7 @@ ossl_pkcs12_s_create(int argc, VALUE *ar https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_pkcs12.c#L121 ktype = NUM2INT(keytype); obj = NewPKCS12(cPKCS12); + x509s = NIL_P(ca) ? NULL : ossl_x509_ary2sk(ca); p12 = PKCS12_create(passphrase, friendlyname, key, x509, x509s, nkey, ncert, kiter, miter, ktype); sk_X509_pop_free(x509s, X509_free); Index: ruby_2_3/ext/openssl/ossl_x509.h =================================================================== --- ruby_2_3/ext/openssl/ossl_x509.h (revision 56017) +++ ruby_2_3/ext/openssl/ossl_x509.h (revision 56018) @@ -24,7 +24,7 @@ extern VALUE cX509Attr; https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_x509.h#L24 extern VALUE eX509AttrError; VALUE ossl_x509attr_new(X509_ATTRIBUTE *); -X509_ATTRIBUTE *DupX509AttrPtr(VALUE); +X509_ATTRIBUTE *GetX509AttrPtr(VALUE); void Init_ossl_x509attr(void); /* Index: ruby_2_3/ext/openssl/ossl_x509req.c =================================================================== --- ruby_2_3/ext/openssl/ossl_x509req.c (revision 56017) +++ ruby_2_3/ext/openssl/ossl_x509req.c (revision 56018) @@ -430,7 +430,7 @@ ossl_x509req_set_attributes(VALUE self, https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_x509req.c#L430 req->req_info->attributes = NULL; for (i=0;i<RARRAY_LEN(ary); i++) { item = RARRAY_AREF(ary, i); - attr = DupX509AttrPtr(item); + attr = GetX509AttrPtr(item); if (!X509_REQ_add1_attr(req, attr)) { ossl_raise(eX509ReqError, NULL); } @@ -444,7 +444,7 @@ ossl_x509req_add_attribute(VALUE self, V https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_x509req.c#L444 X509_REQ *req; GetX509Req(self, req); - if (!X509_REQ_add1_attr(req, DupX509AttrPtr(attr))) { + if (!X509_REQ_add1_attr(req, GetX509AttrPtr(attr))) { ossl_raise(eX509ReqError, NULL); } Index: ruby_2_3/ext/openssl/ossl_pkey_ec.c =================================================================== --- ruby_2_3/ext/openssl/ossl_pkey_ec.c (revision 56017) +++ ruby_2_3/ext/openssl/ossl_pkey_ec.c (revision 56018) @@ -475,6 +475,7 @@ static VALUE ossl_ec_key_to_string(VALUE https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_pkey_ec.c#L475 int private = 0; char *password = NULL; VALUE str; + const EVP_CIPHER *cipher = NULL; Require_EC_KEY(self, ec); @@ -487,25 +488,22 @@ static VALUE ossl_ec_key_to_string(VALUE https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_pkey_ec.c#L488 if (EC_KEY_get0_private_key(ec)) private = 1; + if (!NIL_P(ciph)) { + cipher = GetCipherPtr(ciph); + if (!NIL_P(pass)) { + StringValue(pass); + if (RSTRING_LENINT(pass) < OSSL_MIN_PWD_LEN) + ossl_raise(eOSSLError, "OpenSSL requires passwords to be at least four characters long"); + password = RSTRING_PTR(pass); + } + } + if (!(out = BIO_new(BIO_s_mem()))) ossl_raise(eECError, "BIO_new(BIO_s_mem())"); switch(format) { case EXPORT_PEM: if (private) { - const EVP_CIPHER *cipher; - if (!NIL_P(ciph)) { - cipher = GetCipherPtr(ciph); - if (!NIL_P(pass)) { - StringValue(pass); - if (RSTRING_LENINT(pass) < OSSL_MIN_PWD_LEN) - ossl_raise(eOSSLError, "OpenSSL requires passwords to be at least four characters long"); - password = RSTRING_PTR(pass); - } - } - else { - cipher = NULL; - } i = PEM_write_bio_ECPrivateKey(out, ec, cipher, NULL, 0, NULL, password); } else { i = PEM_write_bio_EC_PUBKEY(out, ec); Index: ruby_2_3/ext/openssl/ossl_x509attr.c =================================================================== --- ruby_2_3/ext/openssl/ossl_x509attr.c (revision 56017) +++ ruby_2_3/ext/openssl/ossl_x509attr.c (revision 56018) @@ -72,16 +72,13 @@ ossl_x509attr_new(X509_ATTRIBUTE *attr) https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_x509attr.c#L72 } X509_ATTRIBUTE * -DupX509AttrPtr(VALUE obj) +GetX509AttrPtr(VALUE obj) { - X509_ATTRIBUTE *attr, *new; + X509_ATTRIBUTE *attr; SafeGetX509Attr(obj, attr); - if (!(new = X509_ATTRIBUTE_dup(attr))) { - ossl_raise(eX509AttrError, NULL); - } - return new; + return attr; } /* @@ -141,12 +138,15 @@ ossl_x509attr_set_oid(VALUE self, VALUE https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_x509attr.c#L138 ASN1_OBJECT *obj; char *s; - s = StringValuePtr(oid); + GetX509Attr(self, attr); + s = StringValueCStr(oid); obj = OBJ_txt2obj(s, 0); - if(!obj) obj = OBJ_txt2obj(s, 1); if(!obj) ossl_raise(eX509AttrError, NULL); - GetX509Attr(self, attr); - X509_ATTRIBUTE_set1_object(attr, obj); + if (!X509_ATTRIBUTE_set1_object(attr, obj)) { + ASN1_OBJECT_free(obj); + ossl_raise(eX509AttrError, "X509_ATTRIBUTE_set1_object"); + } + ASN1_OBJECT_free(obj); return oid; } Index: ruby_2_3/ext/openssl/ossl_ocsp.c =================================================================== --- ruby_2_3/ext/openssl/ossl_ocsp.c (revision 56017) +++ ruby_2_3/ext/openssl/ossl_ocsp.c (revision 56018) @@ -271,12 +271,17 @@ static VALUE https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_ocsp.c#L271 ossl_ocspreq_add_certid(VALUE self, VALUE certid) { OCSP_REQUEST *req; - OCSP_CERTID *id; + OCSP_CERTID *id, *id_new; GetOCSPReq(self, req); GetOCSPCertId(certid, id); - if(!OCSP_request_add0_id(req, OCSP_CERTID_dup(id))) - ossl_raise(eOCSPError, NULL); + + if (!(id_new = OCSP_CERTID_dup(id))) + ossl_raise(eOCSPError, "OCSP_CERTID_dup"); + if (!OCSP_request_add0_id(req, id_new)) { + OCSP_CERTID_free(id_new); + ossl_raise(eOCSPError, "OCSP_request_add0_id"); + } return self; } Index: ruby_2_3/ext/openssl/ossl_config.c =================================================================== --- ruby_2_3/ext/openssl/ossl_config.c (revision 56017) +++ ruby_2_3/ext/openssl/ossl_config.c (revision 56018) @@ -26,13 +26,13 @@ VALUE eConfigError; https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_config.c#L26 */ /* - * GetConfigPtr is a public C-level function for getting OpenSSL CONF struct + * DupConfigPtr is a public C-level function for getting OpenSSL CONF struct * from an OpenSSL::Config(eConfig) instance. We decided to implement * OpenSSL::Config in Ruby level but we need to pass native CONF struct for * some OpenSSL features such as X509V3_EXT_*. */ CONF * -GetConfigPtr(VALUE obj) +DupConfigPtr(VALUE obj) { CONF *conf; VALUE str; @@ -50,9 +50,10 @@ GetConfigPtr(VALUE obj) https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_config.c#L50 if(!NCONF_load_bio(conf, bio, &eline)){ BIO_free(bio); NCONF_free(conf); - if (eline <= 0) ossl_raise(eConfigError, "wrong config format"); - else ossl_raise(eConfigError, "error in line %d", eline); - ossl_raise(eConfigError, NULL); + if (eline <= 0) + ossl_raise(eConfigError, "wrong config format"); + else + ossl_raise(eConfigError, "error in line %d", eline); } BIO_free(bio); Index: ruby_2_3/ext/openssl/ossl_x509crl.c =================================================================== --- ruby_2_3/ext/openssl/ossl_x509crl.c (revision 56017) +++ ruby_2_3/ext/openssl/ossl_x509crl.c (revision 56018) @@ -315,7 +315,8 @@ ossl_x509crl_set_revoked(VALUE self, VAL https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_x509crl.c#L315 for (i=0; i<RARRAY_LEN(ary); i++) { rev = DupX509RevokedPtr(RARRAY_AREF(ary, i)); if (!X509_CRL_add0_revoked(crl, rev)) { /* NO DUP - don't free! */ - ossl_raise(eX509CRLError, NULL); + X509_REVOKED_free(rev); + ossl_raise(eX509CRLError, "X509_CRL_add0_revoked"); } } X509_CRL_sort(crl); @@ -332,7 +333,8 @@ ossl_x509crl_add_revoked(VALUE self, VAL https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_x509crl.c#L333 GetX509CRL(self, crl); rev = DupX509RevokedPtr(revoked); if (!X509_CRL_add0_revoked(crl, rev)) { /* NO DUP - don't free! */ - ossl_raise(eX509CRLError, NULL); + X509_REVOKED_free(rev); + ossl_raise(eX509CRLError, "X509_CRL_add0_revoked"); } X509_CRL_sort(crl); Index: ruby_2_3/ext/openssl/ossl_config.h =================================================================== --- ruby_2_3/ext/openssl/ossl_config.h (revision 56017) +++ ruby_2_3/ext/openssl/ossl_config.h (revision 56018) @@ -13,7 +13,6 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ext/openssl/ossl_config.h#L13 extern VALUE cConfig; extern VALUE eConfigError; -CONF* GetConfigPtr(VALUE obj); CONF* DupConfigPtr(VALUE obj); void Init_ossl_config(void); Index: ruby_2_3/ChangeLog =================================================================== --- ruby_2_3/ChangeLog (revision 56017) +++ ruby_2_3/ChangeLog (revision 56018) @@ -1,3 +1,28 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_3/ChangeLog#L1 +Sat Aug 27 03:37:49 2016 Kazuki Yamaguchi <k@r...> + + * ext/openssl/ossl_config.c: fix memory leak. + [ruby-core:76922] [Bug #12680] + + * ext/openssl/ossl_ocsp.c: ditto. + + * ext/openssl/ossl_pkcs12.c: ditto. + + * ext/openssl/ossl_pkcs7.c: ditto. + + * ext/openssl/ossl_pkey_ec.c: ditto. + + * ext/openssl/ossl_x509.h: ditto. + + * ext/openssl/ossl_x509attr.c: ditto. + + * ext/openssl/ossl_x509crl.c: ditto. + + * ext/openssl/ossl_x509ext.c: ditto. + + * ext/openssl/ossl_x509req.c: ditto. + + * ext/openssl/ossl_x509revoked.c: ditto. + Thu Aug 25 00:19:24 2016 SHIBATA Hiroshi <hsbt@r...> * lib/rubygems/specification.rb: `coding` is affect only first line except -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/