aboutsummaryrefslogtreecommitdiff
path: root/lib/vtls
diff options
context:
space:
mode:
authorChris Araman <chris-araman@users.noreply.github.com>2016-12-22 18:50:31 -0800
committerDaniel Stenberg <daniel@haxx.se>2016-12-27 22:07:59 +0100
commite53f0736c403aa973e6937ba19d83f07922ac9cb (patch)
tree12c5f45c4cf12c09fd4c3d3d36cf234760a4ba7d /lib/vtls
parent8db3afe16c0916ea5acf6aed6e7cf02f06cc8677 (diff)
darwinssl: fix CFArrayRef leak
Reviewed-by: Nick Zitzmann Closes #1173
Diffstat (limited to 'lib/vtls')
-rw-r--r--lib/vtls/darwinssl.c16
1 files changed, 10 insertions, 6 deletions
diff --git a/lib/vtls/darwinssl.c b/lib/vtls/darwinssl.c
index 2146b562d..66d872708 100644
--- a/lib/vtls/darwinssl.c
+++ b/lib/vtls/darwinssl.c
@@ -885,12 +885,13 @@ static OSStatus CopyIdentityWithLabel(char *label,
SecIdentityRef *out_cert_and_key)
{
OSStatus status = errSecItemNotFound;
+
+#if CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS
CFArrayRef keys_list;
CFIndex keys_list_count;
CFIndex i;
CFStringRef common_name;
-#if CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS
/* SecItemCopyMatching() was introduced in iOS and Snow Leopard.
kSecClassIdentity was introduced in Lion. If both exist, let's use them
to find the certificate. */
@@ -929,32 +930,35 @@ static OSStatus CopyIdentityWithLabel(char *label,
if(status == noErr) {
keys_list_count = CFArrayGetCount(keys_list);
*out_cert_and_key = NULL;
+ status = 1;
for(i=0; i<keys_list_count; i++) {
OSStatus err = noErr;
SecCertificateRef cert = NULL;
- *out_cert_and_key =
+ SecIdentityRef identity =
(SecIdentityRef) CFArrayGetValueAtIndex(keys_list, i);
- err = SecIdentityCopyCertificate(*out_cert_and_key, &cert);
+ err = SecIdentityCopyCertificate(identity, &cert);
if(err == noErr) {
#if CURL_BUILD_IOS
common_name = SecCertificateCopySubjectSummary(cert);
-#else // CURL_BUILD_MAC_10_7
+#elif CURL_BUILD_MAC_10_7
SecCertificateCopyCommonName(cert, &common_name);
#endif
if(CFStringCompare(common_name, label_cf, 0) == kCFCompareEqualTo) {
CFRelease(cert);
CFRelease(common_name);
+ CFRetain(identity);
+ *out_cert_and_key = identity;
status = noErr;
break;
}
CFRelease(common_name);
}
- *out_cert_and_key = NULL;
- status = 1;
CFRelease(cert);
}
}
+ if(keys_list)
+ CFRelease(keys_list);
CFRelease(query_dict);
CFRelease(label_cf);
}