svn commit: r1200694 - /trafficserver/traffic/trunk/iocore/net/SSLNet.cc

Thu, 10 Nov 2011 18:16:35 -0800 

Author: igalic
Date: Fri Nov 11 02:16:11 2011
New Revision: 1200694

URL: http://svn.apache.org/viewvc?rev=1200694&view=rev
Log:
Fix potential memory leaks when returning early with errors from
parsing SSL configs

Modified:
    trafficserver/traffic/trunk/iocore/net/SSLNet.cc

Modified: trafficserver/traffic/trunk/iocore/net/SSLNet.cc
URL: 
http://svn.apache.org/viewvc/trafficserver/traffic/trunk/iocore/net/SSLNet.cc?rev=1200694&r1=1200693&r2=1200694&view=diff
==============================================================================
--- trafficserver/traffic/trunk/iocore/net/SSLNet.cc (original)
+++ trafficserver/traffic/trunk/iocore/net/SSLNet.cc Fri Nov 11 02:16:11 2011
@@ -307,12 +307,14 @@ SSLNetProcessor::initSSLServerCTX(SslCon
         ats_free(completeServerCaCertPath);
         return -2;
       }
+      ats_free(completeServerCaCertPath);
     }
   } else {
     completeServerCertPath = Layout::relative_to 
(param->getServerCertPathOnly(), serverCertPtr);
 
     if (SSL_CTX_use_certificate_file(lCtx, completeServerCertPath, 
SSL_FILETYPE_PEM) <= 0) {
       Error ("SSL ERROR: Cannot use server certificate file: %s", 
completeServerCertPath);
+      ats_free(completeServerCertPath);
       return -2;
     }
     if (serverCaCertPtr) {
@@ -322,12 +324,14 @@ SSLNetProcessor::initSSLServerCTX(SslCon
         ats_free(completeServerCaCertPath);
         return -2;
       }
+      ats_free(completeServerCaCertPath);
     }
 
     if (serverKeyPtr == NULL)   // assume private key is contained in cert 
obtained from multicert file.
     {
       if (SSL_CTX_use_PrivateKey_file(lCtx, completeServerCertPath, 
SSL_FILETYPE_PEM) <= 0) {
         Error("SSL ERROR: Cannot use server private key file: %s", 
completeServerCertPath);
+        ats_free(completeServerCertPath);
         return -3;
       }
     } else {
@@ -335,13 +339,16 @@ SSLNetProcessor::initSSLServerCTX(SslCon
         char *completeServerKeyPath = 
Layout::get()->relative_to(param->getServerKeyPathOnly(), serverKeyPtr);
         if (SSL_CTX_use_PrivateKey_file(lCtx, completeServerKeyPath, 
SSL_FILETYPE_PEM) <= 0) {
           Error("SSL ERROR: Cannot use server private key file: %s", 
completeServerKeyPath);
+          ats_free(completeServerKeyPath);
           return -3;
         }
+        ats_free(completeServerKeyPath);
       } else {
         logSSLError("Empty ssl private key path in records.config.");
       }
 
     }
+    ats_free(completeServerCertPath);
 
 
   }

Reply via email to