diff options
author | Chris Araman <chris-araman@users.noreply.github.com> | 2016-12-22 18:50:31 -0800 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2016-12-27 22:07:59 +0100 |
commit | e53f0736c403aa973e6937ba19d83f07922ac9cb (patch) | |
tree | 12c5f45c4cf12c09fd4c3d3d36cf234760a4ba7d /lib/vtls | |
parent | 8db3afe16c0916ea5acf6aed6e7cf02f06cc8677 (diff) |
darwinssl: fix CFArrayRef leak
Reviewed-by: Nick Zitzmann
Closes #1173
Diffstat (limited to 'lib/vtls')
-rw-r--r-- | lib/vtls/darwinssl.c | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/lib/vtls/darwinssl.c b/lib/vtls/darwinssl.c index 2146b562d..66d872708 100644 --- a/lib/vtls/darwinssl.c +++ b/lib/vtls/darwinssl.c @@ -885,12 +885,13 @@ static OSStatus CopyIdentityWithLabel(char *label, SecIdentityRef *out_cert_and_key) { OSStatus status = errSecItemNotFound; + +#if CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS CFArrayRef keys_list; CFIndex keys_list_count; CFIndex i; CFStringRef common_name; -#if CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS /* SecItemCopyMatching() was introduced in iOS and Snow Leopard. kSecClassIdentity was introduced in Lion. If both exist, let's use them to find the certificate. */ @@ -929,32 +930,35 @@ static OSStatus CopyIdentityWithLabel(char *label, if(status == noErr) { keys_list_count = CFArrayGetCount(keys_list); *out_cert_and_key = NULL; + status = 1; for(i=0; i<keys_list_count; i++) { OSStatus err = noErr; SecCertificateRef cert = NULL; - *out_cert_and_key = + SecIdentityRef identity = (SecIdentityRef) CFArrayGetValueAtIndex(keys_list, i); - err = SecIdentityCopyCertificate(*out_cert_and_key, &cert); + err = SecIdentityCopyCertificate(identity, &cert); if(err == noErr) { #if CURL_BUILD_IOS common_name = SecCertificateCopySubjectSummary(cert); -#else // CURL_BUILD_MAC_10_7 +#elif CURL_BUILD_MAC_10_7 SecCertificateCopyCommonName(cert, &common_name); #endif if(CFStringCompare(common_name, label_cf, 0) == kCFCompareEqualTo) { CFRelease(cert); CFRelease(common_name); + CFRetain(identity); + *out_cert_and_key = identity; status = noErr; break; } CFRelease(common_name); } - *out_cert_and_key = NULL; - status = 1; CFRelease(cert); } } + if(keys_list) + CFRelease(keys_list); CFRelease(query_dict); CFRelease(label_cf); } |