----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/71805/#review218765 -----------------------------------------------------------
Ship it! Good find! Can you file a MESOS ticket for this with affected versions tagged? 3rdparty/libprocess/src/openssl.cpp Line 843 (original), 843 (patched) <https://reviews.apache.org/r/71805/#comment306631> This says "if this call succeeds", but I guess it should say in all cases? I guess it's not possible to just have it on the stack.. :( - Benjamin Mahler On Nov. 22, 2019, 4:20 p.m., Benno Evers wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/71805/ > ----------------------------------------------------------- > > (Updated Nov. 22, 2019, 4:20 p.m.) > > > Review request for mesos, Benjamin Bannier, Benjamin Mahler, and Greg Mann. > > > Repository: mesos > > > Description > ------- > > When the hostname validation scheme was set to 'openssl', > the `openssl::verify()` function would return without > freeing a previously allocated `X509*` object. > > To fix the leak, a long-standing TODO to switch to > RAII-based memory management for the certificate was > resolved. > > > Diffs > ----- > > 3rdparty/libprocess/src/openssl.cpp > bd05866950e1043d9585a7c5fdc7b2147a233fd3 > > > Diff: https://reviews.apache.org/r/71805/diff/1/ > > > Testing > ------- > > `make check` > > > Thanks, > > Benno Evers > >
