dany/luasec
1
0
Fork 0
mirror of https://github.com/brunoos/luasec.git synced 2025-02-13 23:42:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

context: Don't leak EC_KEY in set_curve()

Browse Source 
SSL_CTX_set_tmp_ecdh() takes a reference to the provided key.

==8323== 1,044 (56 direct, 988 indirect) bytes in 1 blocks are definitely lost in loss record 611 of 631
==8323==    at 0x4C2935B: malloc (vg_replace_malloc.c:270)
==8323==    by 0x5E05D9F: CRYPTO_malloc (mem.c:308)
==8323==    by 0x5E59859: EC_KEY_new (ec_key.c:75)
==8323==    by 0x5E59974: EC_KEY_new_by_curve_name (ec_key.c:96)
==8323==    by 0x4E395A7: set_curve (context.c:261)
...
This commit is contained in:
Paul Aurich 2013-09-07 14:44:23 -07:00
parent a344f58b20
commit 3fb33cdc4e
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/context.c
View File

@ -507,15 +507,22 @@ static int set_curve(lua_State *L)
#else #else
static int set_curve(lua_State *L) static int set_curve(lua_State *L)
{ {
long ret;
SSL_CTX *ctx = lsec_checkcontext(L, 1); SSL_CTX *ctx = lsec_checkcontext(L, 1);
const char *str = luaL_checkstring(L, 2); const char *str = luaL_checkstring(L, 2);
EC_KEY *key = find_ec_key(str); EC_KEY *key = find_ec_key(str);
if (!key) { if (!key) {
lua_pushboolean(L, 0); lua_pushboolean(L, 0);
lua_pushstring(L, "elliptic curve not supported"); lua_pushstring(L, "elliptic curve not supported");
return 2; return 2;
} }
if (!SSL_CTX_set_tmp_ecdh(ctx, key)) {
ret = SSL_CTX_set_tmp_ecdh(ctx, key);
/* SSL_CTX_set_tmp_ecdh takes its own reference */
EC_KEY_free(key);
if (!ret) {
lua_pushboolean(L, 0); lua_pushboolean(L, 0);
lua_pushstring(L, "error setting elliptic curve"); lua_pushstring(L, "error setting elliptic curve");
return 2; return 2;