aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2007-05-22 19:51:44 +0000
committerDaniel Stenberg <daniel@haxx.se>2007-05-22 19:51:44 +0000
commita9d49769ff1a27ab5e347d0d87100e6ed0d6796b (patch)
tree49c9aab922bc98f1ee5e9209b29b53bba6edee58
parentd7616d8a0a804530e5bb1bb04b24de46d9258e3e (diff)
Andre Guibert de Bruet fixed a memory leak in the function that verifies the
peer's name in the SSL certificate when built for OpenSSL. The leak happens for libcurls with CURL_DOES_CONVERSIONS enabled that fail to convert the CN name from UTF8.
-rw-r--r--CHANGES14
-rw-r--r--RELEASE-NOTES4
-rw-r--r--lib/ssluse.c3
3 files changed, 15 insertions, 6 deletions
diff --git a/CHANGES b/CHANGES
index af7271c0e..00d8543a6 100644
--- a/CHANGES
+++ b/CHANGES
@@ -5,11 +5,17 @@
\___|\___/|_| \_\_____|
Changelog
+Daniel S (22 May 2007)
+- Andre Guibert de Bruet fixed a memory leak in the function that verifies the
+ peer's name in the SSL certificate when built for OpenSSL. The leak happens
+ for libcurls with CURL_DOES_CONVERSIONS enabled that fail to convert the CN
+ name from UTF8.
+
Daniel S (18 May 2007)
-- Feng Tu reported that curl -w did wrong on TFTP transfers in
- bug report #1715394 (http://curl.haxx.se/bug/view.cgi?id=1715394), and the
- transfer-related info "variables" were indeed overwritten with zeroes wrongly
- and have now been adjusted. The upload size still isn't accurate.
+- Feng Tu reported that curl -w did wrong on TFTP transfers in bug report
+ #1715394 (http://curl.haxx.se/bug/view.cgi?id=1715394), and the
+ transfer-related info "variables" were indeed overwritten with zeroes
+ wrongly and have now been adjusted. The upload size still isn't accurate.
Daniel S (17 May 2007)
- Feng Tu pointed out a division by zero error in the TFTP connect timeout
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 0bb7221c3..9c18d9fdf 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -45,6 +45,7 @@ This release includes the following bugfixes:
o SFTP quote commands chmod, chown, chgrp can now set a value of 0
o TFTP connect timouts less than 5 seconds
o improved curl -w for TFTP transfers
+ o memory leak when failed OpenSSL certificate CN field checking
This release includes the following known bugs:
@@ -69,6 +70,7 @@ advice from friends like these:
Song Ma, Dan Fandrich, Yang Tse, Jay Austin, Robert Iakobashvil,
James Housley, Daniel Black, Steve Little, Sonia Subramanian, Peter O'Gorman,
Frank Hempel, Michael Wallner, Jeff Pohlmeyer, Tobias Rundström,
- Anders Gustafsson, James Bursa, Kristian Gunstone, Feng Tu
+ Anders Gustafsson, James Bursa, Kristian Gunstone, Feng Tu,
+ Andre Guibert de Bruet
Thanks! (and sorry if I forgot to mention someone)
diff --git a/lib/ssluse.c b/lib/ssluse.c
index 5c2999dfa..76c3bd846 100644
--- a/lib/ssluse.c
+++ b/lib/ssluse.c
@@ -1123,7 +1123,8 @@ static CURLcode verifyhost(struct connectdata *conn,
rc = Curl_convert_from_utf8(data, peer_CN, strlen(peer_CN));
/* Curl_convert_from_utf8 calls failf if unsuccessful */
if (rc != CURLE_OK) {
- return(rc);
+ OPENSSL_free(peer_CN);
+ return rc;
}
}
#endif /* CURL_DOES_CONVERSIONS */