ssl_new_stream() takes ownership of the passed-in 'name' parameter. In error scenarios, the name is leaked. I was able to trigger this leak by attempting to connect to an ovsdb over SSL and specifying non-existent certificate, private key, and CA cert files.
This patch fixes the problem by freeing 'name' in the error label. Signed-off-by: Mark Michelson <[email protected]> --- lib/stream-ssl.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/stream-ssl.c b/lib/stream-ssl.c index a198d6783..13803014b 100644 --- a/lib/stream-ssl.c +++ b/lib/stream-ssl.c @@ -300,6 +300,7 @@ error: SSL_free(ssl); } closesocket(fd); + free(name); return retval; } -- 2.13.3 _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
