55 lines
1.6 KiB
Diff
55 lines
1.6 KiB
Diff
From 0f06a850ced79244774734ed525b289f2930d9c7 Mon Sep 17 00:00:00 2001
|
|
From: Andre lorbach <alorbach@adiscon.com>
|
|
Date: Thu, 11 May 2023 16:49:11 +0200
|
|
Subject: [PATCH] [backport] GNUTls Driver: Fix memory leaks in gtlsInitCred
|
|
|
|
Missing CA Certificate or multiple Connections caused
|
|
a memory leak in pThis->xcred as it was allocated each time in
|
|
gtlsInitCred by gnutls_certificate_allocate_credentials
|
|
|
|
closes: https://github.com/rsyslog/rsyslog/issues/5135
|
|
|
|
---
|
|
|
|
Conflict:NA
|
|
Type:bugfix
|
|
Reference:https://github.com/rsyslog/rsyslog/commit/3401d687d2d5f9556165b53be79fbe4dc49b8c79
|
|
|
|
---
|
|
---
|
|
runtime/nsd_gtls.c | 10 +++++++++-
|
|
1 file changed, 9 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/runtime/nsd_gtls.c b/runtime/nsd_gtls.c
|
|
index e003d85d3..91cffb500 100644
|
|
--- a/runtime/nsd_gtls.c
|
|
+++ b/runtime/nsd_gtls.c
|
|
@@ -711,7 +711,10 @@ gtlsInitCred(nsd_gtls_t *const pThis )
|
|
DEFiRet;
|
|
|
|
/* X509 stuff */
|
|
- CHKgnutls(gnutls_certificate_allocate_credentials(&pThis->xcred));
|
|
+ if (pThis->xcred == NULL) {
|
|
+ /* Allocate only ONCE */
|
|
+ CHKgnutls(gnutls_certificate_allocate_credentials(&pThis->xcred));
|
|
+ }
|
|
|
|
/* sets the trusted cas file */
|
|
cafile = (pThis->pszCAFile == NULL) ? glbl.GetDfltNetstrmDrvrCAF(runConf) : pThis->pszCAFile;
|
|
@@ -2277,7 +2280,12 @@ finalize_it:
|
|
if(pThis->bHaveSess) {
|
|
gnutls_deinit(pThis->sess);
|
|
pThis->bHaveSess = 0;
|
|
+ /* Free memory using gnutls api first*/
|
|
+ gnutls_certificate_free_credentials(pThis->xcred);
|
|
pThis->xcred = NULL;
|
|
+ /* Free other memory */
|
|
+ free(pThis->pszConnectHost);
|
|
+ pThis->pszConnectHost = NULL;
|
|
}
|
|
}
|
|
|
|
--
|
|
2.33.0
|
|
|