-rw-r--r--CHANGES4
-rw-r--r--RELEASE-NOTES3
-rw-r--r--lib/gtls.c15
3 files changed, 16 insertions, 6 deletions
diff --git a/CHANGES b/CHANGES
index be7c97172..6dc2af3a5 100644
--- a/CHANGES
+++ b/CHANGES
@@ -6,6 +6,10 @@
Changelog
+Michal Marek (22 Jul 2009)
+- David Binderman found a memory and fd leak in lib/gtls.c:load_file()
+ (https://bugzilla.novell.com/523919). When looking at the code, I found
+ that also the ptr pointer can leak.
Kamil Dudka (20 Jul 2009)
- Claes Jakobsson improved the support for client certificates handling
in NSS-powered libcurl. Now the client certificates can be selected
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 798337160..0f4da0b0e 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -32,6 +32,7 @@ This release includes the following bugfixes:
o curl -o - sends data to stdout using binary mode on windows
o fixed the separators for "array" style string that CURLINFO_CERTINFO returns
o auth problem over several hosts with re-used connection
+ o fix leak in gtls code
This release includes the following known bugs:
@@ -44,6 +45,6 @@ advice from friends like these:
Andre Guibert de Bruet, Mike Crowe, Claes Jakobsson, John E. Malmberg,
Aaron Oneal, Igor Novoseltsev, Eric Wong, Bill Hoffman, Daniel Steinberg,
Fabian Keil, Michal Marek, Reuven Wachtfogel, Markus Koetter,
- Constantine Sapuntzakis
+ Constantine Sapuntzakis, David Binderman
Thanks! (and sorry if I forgot to mention someone)
diff --git a/lib/gtls.c b/lib/gtls.c
index 002246a0c..d5c8f1a79 100644
--- a/lib/gtls.c
+++ b/lib/gtls.c
@@ -148,17 +148,22 @@ static gnutls_datum load_file (const char *file)
long filelen;
void *ptr;
- if (!(f = fopen(file, "r"))
- || fseek(f, 0, SEEK_END) != 0
+ if (!(f = fopen(file, "r")))
+ return loaded_file;
+ if (fseek(f, 0, SEEK_END) != 0
|| (filelen = ftell(f)) < 0
|| fseek(f, 0, SEEK_SET) != 0
- || !(ptr = malloc((size_t)filelen))
- || fread(ptr, 1, (size_t)filelen, f) < (size_t)filelen) {
- return loaded_file;
+ || !(ptr = malloc((size_t)filelen)))
+ goto out;
+ if (fread(ptr, 1, (size_t)filelen, f) < (size_t)filelen) {
+ free(ptr);
+ goto out;
}
loaded_file.data = ptr;
loaded_file.size = (unsigned int)filelen;
+out:
+ fclose(f);
return loaded_file;
}
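Review bot: `loaded_file.size = (unsigned int)filelen;` narrows a `long` with no range check, so where `long` is wider than `unsigned int` a file larger than `UINT_MAX` bytes would come back with a size that does not match the buffer, and the caller would parse a silently truncated blob. The guard chain could reject that up front by adding `|| (unsigned long)filelen > UINT_MAX` right after the `ftell` test, which also caps the allocation at the same limit. Separately, `fopen(file, "r")` opens in text mode, so on platforms that translate line endings the `fread` count can fall short of the `ftell` length and a valid binary file would be refused; `"rb"` avoids that. The declarations of `f` and `loaded_file` sit above the hunk, so the early `return loaded_file;` is assumed to hand back an empty datum.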