Hi, Shouldn't the do_dirname() function (in v3_alt.c, l.559) call X509V3_section_free(ctx, sk) to free memory which might be allocated previously by X509V3_get_section(ctx, value) ?
I've looked in other files: the r2i_pci() function (in v3_pci.c, l.217), do this function call quickly after X509V3_get_section(). asn1_multi() (in asn1_gen.c, l.440), r2i_certpol() (in v3_pols.c, l.131) and policy_section() (in v3_pols.c, l.194) do the same call. In OpenSSL, this omission doesn't lost memory because the two declared X509V3_CONF_METHOD structures (nconf_method and conf_lhash_method) don't containt free_section function pointer. But, it can lost memory if we want to make other X509_CONF_METHODs with free_section method and we want to make a GENERAL_NAME with the "dirName" CONF_VALUE name. I've tried to correct this problem (see attached file), can you tell me if it's the right way ? Thanks in advance, -- Jean Rebiffé
diff -ur openssl-0.9.8e.orig/crypto/x509v3/v3_alt.c openssl-0.9.8e/crypto/x509v3/v3_alt.c --- openssl-0.9.8e.orig/crypto/x509v3/v3_alt.c 2007-01-21 14:16:46.000000000 +0100 +++ openssl-0.9.8e/crypto/x509v3/v3_alt.c 2007-09-17 09:58:25.000000000 +0200 @@ -577,5 +577,7 @@ X509_NAME_free(nm); gen->d.dirn = nm; + X509V3_section_free(ctx, sk); + return ret; }
