hello,

memory leak was found by valgrind
From 61f04a8ecdcfc105f732d5978180ad2ab746cc34 Mon Sep 17 00:00:00 2001
From: Ilya Shipitsin <chipits...@gmail.com>
Date: Sat, 25 May 2019 03:38:14 +0500
Subject: [PATCH] BUG/MINOR: ssl_sock: Fix memory leak when disabling
 compression

according to manpage:

       sk_TYPE_zero() sets the number of elements in sk to zero. It does not free sk so after this call sk is still valid.

so we need to free all elements
---
 src/ssl_sock.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 651afa3a..4a0ad768 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -9702,6 +9702,7 @@ __attribute__((constructor))
 static void __ssl_sock_init(void)
 {
 	STACK_OF(SSL_COMP)* cm;
+	int n;
 
 	if (global_ssl.listen_default_ciphers)
 		global_ssl.listen_default_ciphers = strdup(global_ssl.listen_default_ciphers);
@@ -9719,7 +9720,11 @@ static void __ssl_sock_init(void)
 	SSL_library_init();
 #endif
 	cm = SSL_COMP_get_compression_methods();
-	sk_SSL_COMP_zero(cm);
+	n = sk_SSL_COMP_num(cm);
+	while (n--) {
+		(void) sk_SSL_COMP_pop(cm);
+	}
+
 #if defined(USE_THREAD) && (HA_OPENSSL_VERSION_NUMBER < 0x10100000L)
 	ssl_locking_init();
 #endif
-- 
2.20.1

Reply via email to