[237] Fix memory leak when verifying a server certificate.

Only for certificates with a subjectAltName. Closes #237. Thanks to MrSaturday. Bug: #237
eclipse · Aug 8, 2016 · 79cc06b · 79cc06b
1 parent bcfa29c
commit 79cc06b
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 0 deletions.
diff --git a/ChangeLog.txt b/ChangeLog.txt
@@ -15,6 +15,8 @@ Broker:
 Client library:
 - Support OpenSSL 1.1.0.
 - Fixed the C++ library not allowing SOCKS support to be used. Closes #198.
+- Fix memory leak when verifying a server certificate with a subjectAltName
+ section. Closes #237.
 
 Build:
 - Don't attempt to install docs when WITH_DOCS=no. Closes #184.

diff --git a/lib/tls_mosq.c b/lib/tls_mosq.c
@@ -129,27 +129,32 @@ int _mosquitto_verify_certificate_hostname(X509 *cert, const char *hostname)
  if(nval->type == GEN_DNS){
  data = ASN1_STRING_data(nval->d.dNSName);
  if(data && !mosquitto__cmp_hostname_wildcard((char *)data, hostname)){
+ sk_GENERAL_NAME_pop_free(san, GENERAL_NAME_free);
  return 1;
  }
  have_san_dns = true;
  }else if(nval->type == GEN_IPADD){
  data = ASN1_STRING_data(nval->d.iPAddress);
  if(nval->d.iPAddress->length == 4 && ipv4_ok){
  if(!memcmp(ipv4_addr, data, 4)){
+ sk_GENERAL_NAME_pop_free(san, GENERAL_NAME_free);
  return 1;
  }
  }else if(nval->d.iPAddress->length == 16 && ipv6_ok){
  if(!memcmp(ipv6_addr, data, 16)){
+ sk_GENERAL_NAME_pop_free(san, GENERAL_NAME_free);
  return 1;
  }
  }
  }
  }
+ sk_GENERAL_NAME_pop_free(san, GENERAL_NAME_free);
  if(have_san_dns){
  /* Only check CN if subjectAltName DNS entry does not exist. */
  return 0;
  }
  }
+
  subj = X509_get_subject_name(cert);
  if(X509_NAME_get_text_by_NID(subj, NID_commonName, name, sizeof(name)) > 0){
  name[sizeof(name) - 1] = '\0';