1
0
Fork 0
mirror of https://github.com/puma/puma.git synced 2022-11-09 13:48:40 -05:00

minissl.c - immediate ruby_memcheck fixes (#2956)

All of the other results were calling `rb_define_` functions, which may be false positives.

The changes fix leaks in an object that is created once for each SSL listener.
This commit is contained in:
MSP-Greg 2022-09-15 00:44:55 -05:00 committed by GitHub
parent e438b907de
commit 0a57ffdc81
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -275,8 +275,11 @@ sslctx_initialize(VALUE self, VALUE mini_ssl_ctx) {
x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL); x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
if (SSL_CTX_use_certificate(ctx, x509) != 1) { if (SSL_CTX_use_certificate(ctx, x509) != 1) {
BIO_free(bio);
raise_file_error("SSL_CTX_use_certificate", RSTRING_PTR(cert_pem)); raise_file_error("SSL_CTX_use_certificate", RSTRING_PTR(cert_pem));
} }
X509_free(x509);
BIO_free(bio);
} }
if (!NIL_P(key_pem)) { if (!NIL_P(key_pem)) {
@ -285,8 +288,11 @@ sslctx_initialize(VALUE self, VALUE mini_ssl_ctx) {
pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL); pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL);
if (SSL_CTX_use_PrivateKey(ctx, pkey) != 1) { if (SSL_CTX_use_PrivateKey(ctx, pkey) != 1) {
BIO_free(bio);
raise_file_error("SSL_CTX_use_PrivateKey", RSTRING_PTR(key_pem)); raise_file_error("SSL_CTX_use_PrivateKey", RSTRING_PTR(key_pem));
} }
EVP_PKEY_free(pkey);
BIO_free(bio);
} }
verification_flags = rb_funcall(mini_ssl_ctx, rb_intern_const("verification_flags"), 0); verification_flags = rb_funcall(mini_ssl_ctx, rb_intern_const("verification_flags"), 0);