diff options
-rw-r--r-- | CHANGES | 14 | ||||
-rw-r--r-- | RELEASE-NOTES | 4 | ||||
-rw-r--r-- | lib/ssluse.c | 3 |
3 files changed, 15 insertions, 6 deletions
@@ -5,11 +5,17 @@ \___|\___/|_| \_\_____| Changelog +Daniel S (22 May 2007) +- Andre Guibert de Bruet fixed a memory leak in the function that verifies the + peer's name in the SSL certificate when built for OpenSSL. The leak happens + for libcurls with CURL_DOES_CONVERSIONS enabled that fail to convert the CN + name from UTF8. + Daniel S (18 May 2007) -- Feng Tu reported that curl -w did wrong on TFTP transfers in - bug report #1715394 (http://curl.haxx.se/bug/view.cgi?id=1715394), and the - transfer-related info "variables" were indeed overwritten with zeroes wrongly - and have now been adjusted. The upload size still isn't accurate. +- Feng Tu reported that curl -w did wrong on TFTP transfers in bug report + #1715394 (http://curl.haxx.se/bug/view.cgi?id=1715394), and the + transfer-related info "variables" were indeed overwritten with zeroes + wrongly and have now been adjusted. The upload size still isn't accurate. Daniel S (17 May 2007) - Feng Tu pointed out a division by zero error in the TFTP connect timeout diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 0bb7221c3..9c18d9fdf 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -45,6 +45,7 @@ This release includes the following bugfixes: o SFTP quote commands chmod, chown, chgrp can now set a value of 0 o TFTP connect timouts less than 5 seconds o improved curl -w for TFTP transfers + o memory leak when failed OpenSSL certificate CN field checking This release includes the following known bugs: @@ -69,6 +70,7 @@ advice from friends like these: Song Ma, Dan Fandrich, Yang Tse, Jay Austin, Robert Iakobashvil, James Housley, Daniel Black, Steve Little, Sonia Subramanian, Peter O'Gorman, Frank Hempel, Michael Wallner, Jeff Pohlmeyer, Tobias Rundström, - Anders Gustafsson, James Bursa, Kristian Gunstone, Feng Tu + Anders Gustafsson, James Bursa, Kristian Gunstone, Feng Tu, + Andre Guibert de Bruet Thanks! (and sorry if I forgot to mention someone) diff --git a/lib/ssluse.c b/lib/ssluse.c index 5c2999dfa..76c3bd846 100644 --- a/lib/ssluse.c +++ b/lib/ssluse.c @@ -1123,7 +1123,8 @@ static CURLcode verifyhost(struct connectdata *conn, rc = Curl_convert_from_utf8(data, peer_CN, strlen(peer_CN)); /* Curl_convert_from_utf8 calls failf if unsuccessful */ if (rc != CURLE_OK) { - return(rc); + OPENSSL_free(peer_CN); + return rc; } } #endif /* CURL_DOES_CONVERSIONS */ |