42 lines
1.4 KiB
Diff
42 lines
1.4 KiB
Diff
|
From a4a5e438ae533c9af5e97457ae424c9189545105 Mon Sep 17 00:00:00 2001
|
||
|
|
From: Daniel Stenberg <daniel@haxx.se>
|
||
|
|
Date: Mon, 12 Jun 2023 14:10:37 +0200
|
||
|
|
Subject: [PATCH] vtls: avoid memory leak if sha256 call fails
|
||
|
|
|
||
|
|
... in the pinned public key handling function.
|
||
|
|
|
||
|
|
Reported-by: lizhuang0630 on github
|
||
|
|
Fixes #11306
|
||
|
|
Closes #11307
|
||
|
|
|
||
|
|
Conflict: NA
|
||
|
|
Reference: https://github.com/curl/curl/commit/a4a5e438ae533c9af5e97457ae424c9189545105
|
||
|
|
---
|
||
|
|
lib/vtls/vtls.c | 12 +++++-------
|
||
|
|
1 file changed, 5 insertions(+), 7 deletions(-)
|
||
|
|
|
||
|
|
diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
|
||
|
|
index a4ff7d61a6193..cdd3a4fdc1c14 100644
|
||
|
|
--- a/lib/vtls/vtls.c
|
||
|
|
+++ b/lib/vtls/vtls.c
|
||
|
|
@@ -907,14 +907,12 @@ CURLcode Curl_pin_peer_pubkey(struct Curl_easy *data,
|
||
|
|
if(!sha256sumdigest)
|
||
|
|
return CURLE_OUT_OF_MEMORY;
|
||
|
|
encode = Curl_ssl->sha256sum(pubkey, pubkeylen,
|
||
|
|
- sha256sumdigest, CURL_SHA256_DIGEST_LENGTH);
|
||
|
|
+ sha256sumdigest, CURL_SHA256_DIGEST_LENGTH);
|
||
|
|
|
||
|
|
- if(encode != CURLE_OK)
|
||
|
|
- return encode;
|
||
|
|
-
|
||
|
|
- encode = Curl_base64_encode((char *)sha256sumdigest,
|
||
|
|
- CURL_SHA256_DIGEST_LENGTH, &encoded,
|
||
|
|
- &encodedlen);
|
||
|
|
+ if(!encode)
|
||
|
|
+ encode = Curl_base64_encode((char *)sha256sumdigest,
|
||
|
|
+ CURL_SHA256_DIGEST_LENGTH, &encoded,
|
||
|
|
+ &encodedlen);
|
||
|
|
Curl_safefree(sha256sumdigest);
|
||
|
|
|
||
|
|
if(encode)
|