Google Git
Sign in
boringssl/boringssl.git/89917a5c600ca03d6d1e3d97fb95203ebdcdad9b^!/.
commit
89917a5c600ca03d6d1e3d97fb95203ebdcdad9b
[log]
author
Daniel Bathgate <dbathgate@google.com>
Tue Oct 18 14:31:02 2016 +0100
committer
CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Tue Oct 18 14:13:53 2016 +0000
tree
6f97b1023fe9c19d54cc771514bbb2b1c96f4c04
parent
e228bd299d4a0d0d0dcff117083aea19da868874 [diff]
Fix memory leak in set_signing_algorithm_prefs.

If SSL_CTX_set_signing_algorithm_prefs or
SSL_set_signing_algorithm_prefs are
called multiple times for the same cert, the
previous cert->sigalgs will leak.

Free the existing sigalgs before setting a new one.

Change-Id: I73cdb366a8f47d8cc0baae986fd0aa80b60300e2
Reviewed-on: https://boringssl-review.googlesource.com/11640
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
index 03f6441..29e5f19 100644
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c

@@ -352,6 +352,8 @@
 
 static int set_signing_algorithm_prefs(CERT *cert, const uint16_t *prefs,
                                        size_t num_prefs) {
+  OPENSSL_free(cert->sigalgs);
+
   cert->num_sigalgs = 0;
   cert->sigalgs = BUF_memdup(prefs, num_prefs * sizeof(prefs[0]));
   if (cert->sigalgs == NULL) {