ruby-changes:65470
From: Kazuki <ko1@a...>
Date: Tue, 16 Mar 2021 20:39:13 +0900 (JST)
Subject: [ruby-changes:65470] 62d889c857 (master): [ruby/openssl] x509stoRe: fix memory leak in X509::StoreContext.new
https://git.ruby-lang.org/ruby.git/commit/?id=62d889c857 From 62d889c857e79001940e52e3fb2f2bf1709f00d8 Mon Sep 17 00:00:00 2001 From: Kazuki Yamaguchi <k@r...> Date: Sun, 9 Aug 2020 00:22:08 +0900 Subject: [ruby/openssl] x509store: fix memory leak in X509::StoreContext.new The certificate passed as the second argument was not properly free'd in the error paths. https://github.com/ruby/openssl/commit/9561199b9f --- ext/openssl/ossl_x509store.c | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/ext/openssl/ossl_x509store.c b/ext/openssl/ossl_x509store.c index 6554d63..aba68ab 100644 --- a/ext/openssl/ossl_x509store.c +++ b/ext/openssl/ossl_x509store.c @@ -509,7 +509,9 @@ static VALUE ossl_x509stctx_set_time(VALUE, VALUE); https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_x509store.c#L509 /* * call-seq: - * StoreContext.new(store, cert = nil, chain = nil) + * StoreContext.new(store, cert = nil, untrusted = nil) + * + * Sets up a StoreContext for a verification of the X.509 certificate _cert_. */ static VALUE ossl_x509stctx_initialize(int argc, VALUE *argv, VALUE self) @@ -519,15 +521,24 @@ ossl_x509stctx_initialize(int argc, VALUE *argv, VALUE self) https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_x509store.c#L521 X509_STORE *x509st; X509 *x509 = NULL; STACK_OF(X509) *x509s = NULL; + int state; rb_scan_args(argc, argv, "12", &store, &cert, &chain); GetX509StCtx(self, ctx); GetX509Store(store, x509st); - if(!NIL_P(cert)) x509 = DupX509CertPtr(cert); /* NEED TO DUP */ - if(!NIL_P(chain)) x509s = ossl_x509_ary2sk(chain); - if(X509_STORE_CTX_init(ctx, x509st, x509, x509s) != 1){ + if (!NIL_P(cert)) + x509 = DupX509CertPtr(cert); /* NEED TO DUP */ + if (!NIL_P(chain)) { + x509s = ossl_protect_x509_ary2sk(chain, &state); + if (state) { + X509_free(x509); + rb_jump_tag(state); + } + } + if (X509_STORE_CTX_init(ctx, x509st, x509, x509s) != 1){ + X509_free(x509); sk_X509_pop_free(x509s, X509_free); - ossl_raise(eX509StoreError, NULL); + ossl_raise(eX509StoreError, "X509_STORE_CTX_init"); } if (!NIL_P(t = rb_iv_get(store, "@time"))) ossl_x509stctx_set_time(self, t); -- cgit v1.1 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/