Klaus Demo nginx / 52d9da8
SSL: missing free calls in $ssl_client_s_dn and $ssl_client_i_dn. If X509_get_issuer_name() or X509_get_subject_name() returned NULL, this could lead to a certificate reference leak. It cannot happen in practice though, since each function returns an internal pointer to a mandatory subfield of the certificate successfully decoded by d2i_X509() during certificate message processing (closes #1751). Nikolay Morozov 1 year, 5 months ago
1 changed file(s) with 2 addition(s) and 0 deletion(s). Raw diff Collapse all Expand all
46214621
46224622 name = X509_get_subject_name(cert);
46234623 if (name == NULL) {
4624 X509_free(cert);
46244625 return NGX_ERROR;
46254626 }
46264627
46724673
46734674 name = X509_get_issuer_name(cert);
46744675 if (name == NULL) {
4676 X509_free(cert);
46754677 return NGX_ERROR;
46764678 }
46774679