summaryrefslogtreecommitdiff
path: root/backport-vtls-avoid-memory-leak-if-sha256-call-fails.patch
diff options
context:
space:
mode:
Diffstat (limited to 'backport-vtls-avoid-memory-leak-if-sha256-call-fails.patch')
-rw-r--r--backport-vtls-avoid-memory-leak-if-sha256-call-fails.patch41
1 files changed, 41 insertions, 0 deletions
diff --git a/backport-vtls-avoid-memory-leak-if-sha256-call-fails.patch b/backport-vtls-avoid-memory-leak-if-sha256-call-fails.patch
new file mode 100644
index 0000000..bf475bc
--- /dev/null
+++ b/backport-vtls-avoid-memory-leak-if-sha256-call-fails.patch
@@ -0,0 +1,41 @@
+From a4a5e438ae533c9af5e97457ae424c9189545105 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 12 Jun 2023 14:10:37 +0200
+Subject: [PATCH] vtls: avoid memory leak if sha256 call fails
+
+... in the pinned public key handling function.
+
+Reported-by: lizhuang0630 on github
+Fixes #11306
+Closes #11307
+
+Conflict: NA
+Reference: https://github.com/curl/curl/commit/a4a5e438ae533c9af5e97457ae424c9189545105
+---
+ lib/vtls/vtls.c | 12 +++++-------
+ 1 file changed, 5 insertions(+), 7 deletions(-)
+
+diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
+index a4ff7d61a6193..cdd3a4fdc1c14 100644
+--- a/lib/vtls/vtls.c
++++ b/lib/vtls/vtls.c
+@@ -907,14 +907,12 @@ CURLcode Curl_pin_peer_pubkey(struct Curl_easy *data,
+ if(!sha256sumdigest)
+ return CURLE_OUT_OF_MEMORY;
+ encode = Curl_ssl->sha256sum(pubkey, pubkeylen,
+- sha256sumdigest, CURL_SHA256_DIGEST_LENGTH);
++ sha256sumdigest, CURL_SHA256_DIGEST_LENGTH);
+
+- if(encode != CURLE_OK)
+- return encode;
+-
+- encode = Curl_base64_encode((char *)sha256sumdigest,
+- CURL_SHA256_DIGEST_LENGTH, &encoded,
+- &encodedlen);
++ if(!encode)
++ encode = Curl_base64_encode((char *)sha256sumdigest,
++ CURL_SHA256_DIGEST_LENGTH, &encoded,
++ &encodedlen);
+ Curl_safefree(sha256sumdigest);
+
+ if(encode)
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-30 03:55:00 +0000